Details of VAR-202401-0540

ID

VAR-202401-0540

CVE

CVE-2024-0540

TITLE

Shenzhen Tenda Technology Co.,Ltd. of w9 Out-of-bounds write vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-001459

DESCRIPTION

A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250710 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the ssidIndex parameter of the formOfflineSet function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

Trust: 2.16

sources: NVD: CVE-2024-0540 // JVNDB: JVNDB-2024-001459 // CNVD: CNVD-2024-14372

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-14372

AFFECTED PRODUCTS

vendor:	tenda	model:	w9	scope:	eq	version:	1.0.0.7\(4456\)	Trust: 1.0
vendor:	tenda	model:	w9	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	w9	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	w9	scope:	eq	version:	w9 firmware 1.0.0.7(4456)	Trust: 0.8
vendor:	tenda	model:	w9	scope:	eq	version:	1.0.0.7(4456)	Trust: 0.6

sources: CNVD: CNVD-2024-14372 // JVNDB: JVNDB-2024-001459 // NVD: CVE-2024-0540

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2024-0540
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2024-0540
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2024-0540
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2024-14372
value:	MEDIUM
Trust: 0.6

cna@vuldb.com:	CVE-2024-0540
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2024-14372
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2024-0540
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	3.4
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2024-0540
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2024-0540
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2024-14372 // JVNDB: JVNDB-2024-001459 // NVD: CVE-2024-0540 // NVD: CVE-2024-0540

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-121	Trust: 1.0
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-001459 // NVD: CVE-2024-0540

PATCH

title:

Patch for Tenda W9 out-of-bounds write vulnerability (CNVD-2024-14372)

url:

https://www.cnvd.org.cn/patchInfo/show/534926

Trust: 0.6

sources: CNVD: CNVD-2024-14372

EXTERNAL IDS

db:	NVD	id:	CVE-2024-0540	Trust: 3.2
db:	VULDB	id:	250710	Trust: 1.0
db:	JVNDB	id:	JVNDB-2024-001459	Trust: 0.8
db:	CNVD	id:	CNVD-2024-14372	Trust: 0.6

sources: CNVD: CNVD-2024-14372 // JVNDB: JVNDB-2024-001459 // NVD: CVE-2024-0540

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2024-0540	Trust: 1.4
url:	https://github.com/jylsec/vuldb/blob/main/tenda/w9/5/readme.md	Trust: 1.0
url:	https://vuldb.com/?ctiid.250710	Trust: 1.0
url:	https://vuldb.com/?id.250710	Trust: 1.0

sources: CNVD: CNVD-2024-14372 // JVNDB: JVNDB-2024-001459 // NVD: CVE-2024-0540

SOURCES

db:	CNVD	id:	CNVD-2024-14372
db:	JVNDB	id:	JVNDB-2024-001459
db:	NVD	id:	CVE-2024-0540

LAST UPDATE DATE

2024-08-14T13:41:16.184000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-14372	date:	2024-03-21T00:00:00
db:	JVNDB	id:	JVNDB-2024-001459	date:	2024-02-05T05:15:00
db:	NVD	id:	CVE-2024-0540	date:	2024-05-17T02:34:45.340

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-14372	date:	2024-03-21T00:00:00
db:	JVNDB	id:	JVNDB-2024-001459	date:	2024-02-05T00:00:00
db:	NVD	id:	CVE-2024-0540	date:	2024-01-15T05:15:08.583