Details of VAR-202402-1997

ID

VAR-202402-1997

CVE

CVE-2024-25580

TITLE

Tenda AC18 formexeCommand function buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2024-14308

DESCRIPTION

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file. Tenda AC18 is a router made by the Chinese company Tenda. There is a buffer overflow vulnerability in Tenda AC18 V15.03.05.05. The vulnerability is caused by the cmdinput parameter of the formexeCommand function in the /goform/execCommand file failing to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute on the system. Arbitrary code or lead to denial of service attacks. DescriptionA flaw was found in Qt Base. This flaw allows an malicious user to use a specially crafted KTX image file to trigger a buffer overflow in the application reading it, leading to a denial of service.A flaw was found in Qt Base

Trust: 1.53

sources: NVD: CVE-2024-25580 // CNVD: CNVD-2024-14308 // VULMON: CVE-2024-25580

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-14308

AFFECTED PRODUCTS

vendor:

tenda

model:

ac18

scope:

version:

15.03.05.05

Trust: 0.6

sources: CNVD: CNVD-2024-14308

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2024-14308
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2024-14308
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2024-14308

PATCH

title:	Patch for Tenda AC18 formexeCommand function buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/534891	Trust: 0.6
title:	Debian CVElist Bug Report Logs: qt6-base: CVE-2024-25580	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=2ebf1524fcece0a7b0c6937e8d2445fe	Trust: 0.1
title:	Red Hat:	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2024-25580	Trust: 0.1

sources: CNVD: CNVD-2024-14308 // VULMON: CVE-2024-25580

EXTERNAL IDS

db:	NVD	id:	CVE-2024-25580	Trust: 1.7
db:	CNVD	id:	CNVD-2024-14308	Trust: 0.6
db:	VULMON	id:	CVE-2024-25580	Trust: 0.1

sources: CNVD: CNVD-2024-14308 // VULMON: CVE-2024-25580 // NVD: CVE-2024-25580

REFERENCES

url:	https://www.qt.io/blog/security-advisory-potential-buffer-overflow-when-reading-ktx-images	Trust: 1.0
url:	https://access.redhat.com/security/cve/cve-2024-25580	Trust: 0.7
url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064052	Trust: 0.1

sources: CNVD: CNVD-2024-14308 // VULMON: CVE-2024-25580 // NVD: CVE-2024-25580

SOURCES

db:	CNVD	id:	CNVD-2024-14308
db:	VULMON	id:	CVE-2024-25580
db:	NVD	id:	CVE-2024-25580

LAST UPDATE DATE

2024-03-27T22:40:17.658000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-14308	date:	2024-03-21T00:00:00
db:	NVD	id:	CVE-2024-25580	date:	2024-03-27T12:29:30.307

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-14308	date:	2024-03-21T00:00:00
db:	NVD	id:	CVE-2024-25580	date:	2024-03-27T03:15:12.007