Search

Find a vulnerability

Search criteria

    9 vulnerabilities found for rx9 by tenda

    VAR-202410-1750

    Vulnerability from variot - Updated: 2025-06-02 23:22

    A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of rx9 pro An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the list parameter in the sub_4337EC function of the /goform/SetNetControlList page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-1750",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "22.03.02.20"
          },
          {
            "model": "rx9 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "rx9 pro  firmware  22.03.02.20"
          },
          {
            "model": "rx9",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "22.03.02.20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "cve": "CVE-2024-10283",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-10283",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-011877",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-11159",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-10283",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-011877",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-10283",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-10283",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-011877",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-11159",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of rx9 pro An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the list parameter in the sub_4337EC function of the /goform/SetNetControlList page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-10283",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "281558",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "id": "VAR-202410-1750",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          }
        ]
      },
      "last_update_date": "2025-06-02T23:22:56.230000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda RX9 Pro/RX9 /goform/SetNetControlList page buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/691406"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.427064"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.6,
            "url": "https://vuldb.com/?id.281558"
          },
          {
            "trust": 1.0,
            "url": "https://gitee.com/gxb0_0/iot-vul/blob/master/tenda/rx9/20/setnetcontrollist.md"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.281558"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-10283"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "date": "2024-11-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "date": "2024-10-23T15:15:29.850000",
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-11159"
          },
          {
            "date": "2024-11-05T04:53:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          },
          {
            "date": "2024-11-01T14:08:24.997000",
            "db": "NVD",
            "id": "CVE-2024-10283"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0rx9\u00a0pro\u00a0 Out-of-bounds write vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011877"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-1969

    Vulnerability from variot - Updated: 2025-06-01 23:16

    A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of rx9 pro An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the list parameter in the sub_42EA38 function of the /goform/SetVirtualServerCfg page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-1969",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "22.03.02.10"
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "22.03.02.20"
          },
          {
            "model": "rx9 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "rx9 pro  firmware  22.03.02.20"
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "rx9 pro  firmware  22.03.02.10"
          },
          {
            "model": "rx9",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "22.03.02.10"
          },
          {
            "model": "rx9",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "22.03.02.20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "cve": "CVE-2024-10282",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-10282",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-011832",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-11161",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-10282",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-011832",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-10282",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-10282",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-011832",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-11161",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of rx9 pro An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the list parameter in the sub_42EA38 function of the /goform/SetVirtualServerCfg page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-10282",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "281557",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "id": "VAR-202410-1969",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          }
        ]
      },
      "last_update_date": "2025-06-01T23:16:04.785000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda RX9 Pro/RX9 /goform/SetVirtualServerCfg Page Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/691416"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.427066"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.6,
            "url": "https://vuldb.com/?id.281557"
          },
          {
            "trust": 1.0,
            "url": "https://gitee.com/gxb0_0/iot-vul/blob/master/tenda/rx9/20/setvirtualservercfg.md"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.281557"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-10282"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "date": "2024-11-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "date": "2024-10-23T15:15:29.590000",
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-11161"
          },
          {
            "date": "2024-11-05T02:22:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          },
          {
            "date": "2024-11-01T13:47:10.087000",
            "db": "NVD",
            "id": "CVE-2024-10282"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0rx9\u00a0pro\u00a0 Out-of-bounds write vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011832"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-1521

    Vulnerability from variot - Updated: 2025-06-01 23:09

    A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of rx9 pro An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the list parameter in the sub_42EEE0 function of the /goform/SetStaticRouteCfg page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-1521",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "22.03.02.10"
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "22.03.02.20"
          },
          {
            "model": "rx9 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "rx9 pro  firmware  22.03.02.20"
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "rx9 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "rx9 pro  firmware  22.03.02.10"
          },
          {
            "model": "rx9",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "22.03.02.10"
          },
          {
            "model": "rx9",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "22.03.02.20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "cve": "CVE-2024-10281",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-10281",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-011807",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-11160",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-10281",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-011807",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-10281",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-10281",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-011807",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-11160",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of rx9 pro An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the list parameter in the sub_42EEE0 function of the /goform/SetStaticRouteCfg page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-10281",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "281556",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "id": "VAR-202410-1521",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          }
        ]
      },
      "last_update_date": "2025-06-01T23:09:22.907000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda RX9 Pro/RX9 /goform/SetStaticRouteCfg page buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/691411"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://vuldb.com/?id.281556"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.427065"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://gitee.com/gxb0_0/iot-vul/blob/master/tenda/rx9/20/setstaticroutecfg.md"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.281556"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-10281"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-26T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "date": "2024-11-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "date": "2024-10-23T14:15:04.773000",
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-11160"
          },
          {
            "date": "2024-11-05T01:08:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          },
          {
            "date": "2024-11-01T13:52:35.563000",
            "db": "NVD",
            "id": "CVE-2024-10281"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0rx9\u00a0pro\u00a0 Out-of-bounds write vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-011807"
          }
        ],
        "trust": 0.8
      }
    }

    CVE-2024-10283 (GCVE-0-2024-10283)

    Vulnerability from nvd – Published: 2024-10-23 15:00 – Updated: 2024-10-23 17:33
    VLAI
    Title
    Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow
    Summary
    A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.281558 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.281558 signaturepermissions-required
    https://vuldb.com/?submit.427064 third-party-advisory
    https://gitee.com/GXB0_0/iot-vul/blob/master/Tend… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda RX9 Affected: 22.03.02.20
    Create a notification for this product.
    Tenda RX9 Pro Affected: 22.03.02.20
    Create a notification for this product.
    tenda rx9_pro Affected: 22.03.02.20
        cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*
    Create a notification for this product.
    tenda rx9 Affected: 22.03.02.20
        cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    GuoXB (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9_pro",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10283",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T17:30:46.351880Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T17:33:05.674Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RX9",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            },
            {
              "product": "RX9 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "GuoXB (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Eine kritische Schwachstelle wurde in Tenda RX9 and RX9 Pro 22.03.02.20 entdeckt. Betroffen davon ist die Funktion sub_4337EC der Datei /goform/SetNetControlList. Mit der Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-23T15:00:12.454Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-281558 | Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.281558"
            },
            {
              "name": "VDB-281558 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.281558"
            },
            {
              "name": "Submit #427064 | Tenda RX9 Router RX9 Pro Firmware V22.03.02.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.427064"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetNetControlList.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-10-23T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-10-23T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-10-23T08:12:57.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-10283",
        "datePublished": "2024-10-23T15:00:12.454Z",
        "dateReserved": "2024-10-23T06:07:52.411Z",
        "dateUpdated": "2024-10-23T17:33:05.674Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-10282 (GCVE-0-2024-10282)

    Vulnerability from nvd – Published: 2024-10-23 14:31 – Updated: 2024-10-23 17:51
    VLAI
    Title
    Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow
    Summary
    A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.281557 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.281557 signaturepermissions-required
    https://vuldb.com/?submit.427066 third-party-advisory
    https://gitee.com/GXB0_0/iot-vul/blob/master/Tend… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda RX9 Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    Tenda RX9 Pro Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    tenda rx9 Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tenda rx9_pro Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    GuoXB (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9_pro",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10282",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T17:50:18.481537Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T17:51:56.577Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RX9",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            },
            {
              "product": "RX9 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "GuoXB (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "In Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20 wurde eine kritische Schwachstelle entdeckt. Betroffen ist die Funktion sub_42EA38 der Datei /goform/SetVirtualServerCfg. Dank Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-23T14:31:24.051Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-281557 | Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.281557"
            },
            {
              "name": "VDB-281557 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.281557"
            },
            {
              "name": "Submit #427066 | Tenda RX9 Router RX9 Pro Firmware V22.03.02.10\u3001RX9 Pro Firmware V22.03.02.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.427066"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetVirtualServerCfg.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-10-23T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-10-23T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-10-23T08:12:46.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-10282",
        "datePublished": "2024-10-23T14:31:24.051Z",
        "dateReserved": "2024-10-23T06:07:37.708Z",
        "dateUpdated": "2024-10-23T17:51:56.577Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-10281 (GCVE-0-2024-10281)

    Vulnerability from nvd – Published: 2024-10-23 14:00 – Updated: 2024-10-23 18:20
    VLAI
    Title
    Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow
    Summary
    A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.281556 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.281556 signaturepermissions-required
    https://vuldb.com/?submit.427065 third-party-advisory
    https://gitee.com/GXB0_0/iot-vul/blob/master/Tend… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda RX9 Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    Tenda RX9 Pro Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    tenda rx9 Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tenda rx9_pro Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    GuoXB (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9_pro",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10281",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T18:19:28.352564Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T18:20:52.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RX9",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            },
            {
              "product": "RX9 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "GuoXB (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20 entdeckt. Hiervon betroffen ist die Funktion sub_42EEE0 der Datei /goform/SetStaticRouteCfg. Dank der Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-23T14:00:24.603Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-281556 | Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.281556"
            },
            {
              "name": "VDB-281556 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.281556"
            },
            {
              "name": "Submit #427065 | Tenda RX9 Router RX9 Pro Firmware V22.03.02.10\u3001RX9 Pro Firmware V22.03.02.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.427065"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetStaticRouteCfg.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-10-23T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-10-23T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-10-23T08:12:43.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-10281",
        "datePublished": "2024-10-23T14:00:24.603Z",
        "dateReserved": "2024-10-23T06:07:35.435Z",
        "dateUpdated": "2024-10-23T18:20:52.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-10283 (GCVE-0-2024-10283)

    Vulnerability from cvelistv5 – Published: 2024-10-23 15:00 – Updated: 2024-10-23 17:33
    VLAI
    Title
    Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow
    Summary
    A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.281558 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.281558 signaturepermissions-required
    https://vuldb.com/?submit.427064 third-party-advisory
    https://gitee.com/GXB0_0/iot-vul/blob/master/Tend… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda RX9 Affected: 22.03.02.20
    Create a notification for this product.
    Tenda RX9 Pro Affected: 22.03.02.20
    Create a notification for this product.
    tenda rx9_pro Affected: 22.03.02.20
        cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*
    Create a notification for this product.
    tenda rx9 Affected: 22.03.02.20
        cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    GuoXB (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9_pro",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10283",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T17:30:46.351880Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T17:33:05.674Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RX9",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            },
            {
              "product": "RX9 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "GuoXB (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Eine kritische Schwachstelle wurde in Tenda RX9 and RX9 Pro 22.03.02.20 entdeckt. Betroffen davon ist die Funktion sub_4337EC der Datei /goform/SetNetControlList. Mit der Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-23T15:00:12.454Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-281558 | Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.281558"
            },
            {
              "name": "VDB-281558 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.281558"
            },
            {
              "name": "Submit #427064 | Tenda RX9 Router RX9 Pro Firmware V22.03.02.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.427064"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetNetControlList.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-10-23T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-10-23T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-10-23T08:12:57.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-10283",
        "datePublished": "2024-10-23T15:00:12.454Z",
        "dateReserved": "2024-10-23T06:07:52.411Z",
        "dateUpdated": "2024-10-23T17:33:05.674Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-10282 (GCVE-0-2024-10282)

    Vulnerability from cvelistv5 – Published: 2024-10-23 14:31 – Updated: 2024-10-23 17:51
    VLAI
    Title
    Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow
    Summary
    A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.281557 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.281557 signaturepermissions-required
    https://vuldb.com/?submit.427066 third-party-advisory
    https://gitee.com/GXB0_0/iot-vul/blob/master/Tend… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda RX9 Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    Tenda RX9 Pro Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    tenda rx9 Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tenda rx9_pro Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    GuoXB (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9_pro",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10282",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T17:50:18.481537Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T17:51:56.577Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RX9",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            },
            {
              "product": "RX9 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "GuoXB (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "In Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20 wurde eine kritische Schwachstelle entdeckt. Betroffen ist die Funktion sub_42EA38 der Datei /goform/SetVirtualServerCfg. Dank Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-23T14:31:24.051Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-281557 | Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.281557"
            },
            {
              "name": "VDB-281557 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.281557"
            },
            {
              "name": "Submit #427066 | Tenda RX9 Router RX9 Pro Firmware V22.03.02.10\u3001RX9 Pro Firmware V22.03.02.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.427066"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetVirtualServerCfg.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-10-23T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-10-23T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-10-23T08:12:46.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-10282",
        "datePublished": "2024-10-23T14:31:24.051Z",
        "dateReserved": "2024-10-23T06:07:37.708Z",
        "dateUpdated": "2024-10-23T17:51:56.577Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-10281 (GCVE-0-2024-10281)

    Vulnerability from cvelistv5 – Published: 2024-10-23 14:00 – Updated: 2024-10-23 18:20
    VLAI
    Title
    Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow
    Summary
    A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.281556 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.281556 signaturepermissions-required
    https://vuldb.com/?submit.427065 third-party-advisory
    https://gitee.com/GXB0_0/iot-vul/blob/master/Tend… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda RX9 Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    Tenda RX9 Pro Affected: 22.03.02.10
    Affected: 22.03.02.20
    Create a notification for this product.
    tenda rx9 Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tenda rx9_pro Affected: 22.03.02.10
    Affected: 22.03.02.20
        cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    GuoXB (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tenda:rx9:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "rx9_pro",
                "vendor": "tenda",
                "versions": [
                  {
                    "status": "affected",
                    "version": "22.03.02.10"
                  },
                  {
                    "status": "affected",
                    "version": "22.03.02.20"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-10281",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T18:19:28.352564Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T18:20:52.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RX9",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            },
            {
              "product": "RX9 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "22.03.02.10"
                },
                {
                  "status": "affected",
                  "version": "22.03.02.20"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "GuoXB (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20 entdeckt. Hiervon betroffen ist die Funktion sub_42EEE0 der Datei /goform/SetStaticRouteCfg. Dank der Manipulation des Arguments list mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-23T14:00:24.603Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-281556 | Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.281556"
            },
            {
              "name": "VDB-281556 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.281556"
            },
            {
              "name": "Submit #427065 | Tenda RX9 Router RX9 Pro Firmware V22.03.02.10\u3001RX9 Pro Firmware V22.03.02.20 Stack-based Buffer Overflow",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.427065"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetStaticRouteCfg.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-10-23T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-10-23T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-10-23T08:12:43.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-10281",
        "datePublished": "2024-10-23T14:00:24.603Z",
        "dateReserved": "2024-10-23T06:07:35.435Z",
        "dateUpdated": "2024-10-23T18:20:52.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }