Sploit.io - Search

Product: w15e, version: -

CVE-2024-4122

Severity: HIGH

Description: A vulnerability classified as critical was found in Tenda W15E 15.11.0.14. Affected by this vulnerability is the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Score: 8.8

Priority

B

CISA Data

EPSS Data

  • EPSS: 0.000450000
  • Percentile: 0.175370000
  • Date: 2025-01-13

ExploitDB

No data available.

HackerOne Data

  • Rank: 7454
  • Reports submitted count: 0
  • Unknown: 0
  • None: 0
  • Low: 0
  • Medium: 0
  • High: 0
  • Critical: 0

GitHub PoCs

    Nuclei Templates

    No data available.

    PacketStorm

    View PacketStorm Entry

    VulnCheck Data

    Affected Products:

    • Tenda W15E - Versions: 15.11.0.14

    References:

    Risk Assessment

    1. Risk Assessment
    The vulnerability identified as CVE-2024-4122 is a critical stack-based buffer overflow in the Tenda W15E router firmware version 15.11.0.14. This flaw resides in the `formSetDebugCfg` function within the `/goform/setDebugCfg` file, where improper handling of the `enable/level/module` arguments allows attackers to overwrite memory on the stack. The vulnerability is remotely exploitable, requiring low attack complexity and only low privileges, making it highly accessible to attackers.

    The CVSS v3.1 base score of 8.8 (HIGH) underscores the severity of this issue, with impacts on confidentiality, integrity, and availability all rated as high. Exploitation could lead to arbitrary code execution, enabling attackers to take full control of the affected device. Given that the exploit has been publicly disclosed and the vendor has not responded to initial disclosures, the likelihood of exploitation is elevated.

    Business impacts include potential disruption of network services, unauthorized access to sensitive data, and the possibility of attackers using compromised devices as pivot points for further attacks within the network. The ease of exploitation and the lack of vendor response increase the urgency of addressing this vulnerability.

    2. Potential Attack Scenarios
    An attacker could exploit this vulnerability by crafting a malicious HTTP request targeting the `/goform/setDebugCfg` endpoint on the Tenda W15E router. By manipulating the `enable/level/module` parameters, the attacker could trigger a stack-based buffer overflow, overwriting critical memory regions and injecting malicious code.

    The attack process would involve the following steps:
    - The attacker identifies a vulnerable Tenda W15E router exposed to the internet or within a local network.
    - The attacker sends a specially crafted HTTP POST request to the `/goform/setDebugCfg` endpoint, exploiting the buffer overflow to execute arbitrary code.
    - Once the code is executed, the attacker gains control over the router, potentially enabling them to intercept network traffic, modify router configurations, or use the device as a launchpad for further attacks.

    Potential outcomes include complete compromise of the router, leading to data exfiltration, network disruption, or lateral movement within the network to target other devices.

    3. Mitigation Recommendations
    Immediate action is required to mitigate this vulnerability. Organizations using the Tenda W15E router should:
    - Discontinue use of the affected firmware version (15.11.0.14) and upgrade to a patched version if and when the vendor releases one.
    - If no patch is available, consider replacing the affected devices with routers from vendors that provide timely security updates.
    - Implement network segmentation to isolate vulnerable devices and limit the potential impact of exploitation.
    - Monitor network traffic for unusual activity, particularly HTTP requests targeting the `/goform/setDebugCfg` endpoint.
    - Apply firewall rules to restrict access to the router's management interface from untrusted networks.

    For further technical details and exploit analysis, refer to the following resources:
    - PacketStorm Security: https://packetstormsecurity.com/search/?q=CVE-2024-4122
    - VulDB Entry: https://vuldb.com/?id.261865
    - GitHub Exploit Details: https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formSetDebugCfg.md

    4. Executive Summary
    CVE-2024-4122 is a critical vulnerability in the Tenda W15E router firmware that allows remote attackers to execute arbitrary code via a stack-based buffer overflow. This flaw poses significant risks to network security, including potential data breaches, service disruptions, and unauthorized access to sensitive information. The vulnerability is easy to exploit, and public disclosure of the exploit increases the likelihood of attacks.

    To protect your organization, immediate action is required. Discontinue use of the affected firmware, monitor for suspicious activity, and consider replacing vulnerable devices if no patch is available. Addressing this issue promptly is essential to safeguard your network and prevent potential exploitation. The business impact of inaction could be severe, making this a high-priority security concern.