ID

VAR-202407-0735


CVE

CVE-2024-6962


TITLE

Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. o3 firmware 1.0.0.10(2478)

Trust: 0.8

sources: JVNDB: JVNDB-2024-004797

DESCRIPTION

A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272116. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. o3 firmware 1.0.0.10(2478) contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda O3 is a wireless bridge device, mainly used to extend and enhance wireless network signals, suitable for home and small business network environments. Attackers can exploit this vulnerability to achieve arbitrary code execution and device control, or to cause the device to crash or fail to work properly.

Trust: 2.16

sources: NVD: CVE-2024-6962 // JVNDB: JVNDB-2024-004797 // CNVD: CNVD-2025-12009

IOT TAXONOMY

category:['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-12009

AFFECTED PRODUCTS

vendor:tenda model:o3 1.0.0.10\ scope:eq version:*

Trust: 1.0

vendor:tenda model:o3 1.0.0.10 scope:eq version: -

Trust: 0.8

vendor:tenda model:o3 1.0.0.10 scope: - version: -

Trust: 0.8

vendor:tenda model:o3 1.0.0.10 scope:eq version:o3 firmware 1.0.0.10(2478)

Trust: 0.8

vendor:tenda model:o3 scope:eq version:1.0.0.10

Trust: 0.6

sources: CNVD: CNVD-2025-12009 // JVNDB: JVNDB-2024-004797 // NVD: CVE-2024-6962

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2024-6962
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2024-6962
value: HIGH

Trust: 1.0

NVD: CVE-2024-6962
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-12009
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2024-6962
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-12009
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2024-6962
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2024-6962
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-12009 // JVNDB: JVNDB-2024-004797 // NVD: CVE-2024-6962 // NVD: CVE-2024-6962

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2024-004797 // NVD: CVE-2024-6962

PATCH

title:Patch for Tenda O3 formQosSet function buffer overflow vulnerability url:https://www.cnvd.org.cn/patchInfo/show/694851

Trust: 0.6

sources: CNVD: CNVD-2025-12009

EXTERNAL IDS

db:NVD id:CVE-2024-6962

Trust: 3.2

db:VULDB id:272116

Trust: 1.6

db:JVNDB id:JVNDB-2024-004797

Trust: 0.8

db:CNVD id:CNVD-2025-12009

Trust: 0.6

sources: CNVD: CNVD-2025-12009 // JVNDB: JVNDB-2024-004797 // NVD: CVE-2024-6962

REFERENCES

url:https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/o3v2.0/formqosset.md

Trust: 2.4

url:https://vuldb.com/?submit.374583

Trust: 1.8

url:https://vuldb.com/?ctiid.272116

Trust: 1.6

url:https://vuldb.com/?id.272116

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2024-6962

Trust: 0.8

sources: CNVD: CNVD-2025-12009 // JVNDB: JVNDB-2024-004797 // NVD: CVE-2024-6962

SOURCES

db:CNVD id:CNVD-2025-12009
db:JVNDB id:JVNDB-2024-004797
db:NVD id:CVE-2024-6962

LAST UPDATE DATE

2025-06-12T01:56:31.103000+00:00


SOURCES UPDATE DATE

db:CNVD id:CNVD-2025-12009 date:2025-06-10T00:00:00
db:JVNDB id:JVNDB-2024-004797 date:2024-07-29T03:17:00
db:NVD id:CVE-2024-6962 date:2024-07-25T15:47:18.363

SOURCES RELEASE DATE

db:CNVD id:CNVD-2025-12009 date:2025-06-06T00:00:00
db:JVNDB id:JVNDB-2024-004797 date:2024-07-29T00:00:00
db:NVD id:CVE-2024-6962 date:2024-07-22T00:15:02.287