Sign-up

ID

VAR-202407-3082


CVE

CVE-2024-33365


TITLE

Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Classic buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-025801

DESCRIPTION

Buffer Overflow vulnerability in Tenda AC10 v4 US_AC10V4.0si_V16.03.10.20_cn allows a remote attacker to execute arbitrary code via the Virtual_Data_Check function in the bin/httpd component. Shenzhen Tenda Technology Co.,Ltd. of AC10 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-33365 // JVNDB: JVNDB-2024-025801

AFFECTED PRODUCTS

vendor:tendamodel:ac10scope:eqversion:16.03.10.20

Trust: 1.0

vendor:tendamodel:ac10scope: - version: -

Trust: 0.8

vendor:tendamodel:ac10scope:eqversion: -

Trust: 0.8

vendor:tendamodel:ac10scope:eqversion:ac10 firmware 16.03.10.20

Trust: 0.8

sources: JVNDB: JVNDB-2024-025801 // NVD: CVE-2024-33365

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-33365
value: HIGH

Trust: 1.0

OTHER: JVNDB-2024-025801
value: HIGH

Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-33365
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2024-025801
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-025801 // NVD: CVE-2024-33365

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-025801 // NVD: CVE-2024-33365

EXTERNAL IDS

db:NVDid:CVE-2024-33365

Trust: 2.6

db:JVNDBid:JVNDB-2024-025801

Trust: 0.8

sources: JVNDB: JVNDB-2024-025801 // NVD: CVE-2024-33365

REFERENCES

url:https://github.com/johnathanhuutri/cve_report/blob/master/cve-2024-33365/readme.md

Trust: 1.8

url:https://hackmd.io/%40johnathanhuutri/rjnbeitjc

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-33365

Trust: 0.8

sources: JVNDB: JVNDB-2024-025801 // NVD: CVE-2024-33365

SOURCES

db:JVNDBid:JVNDB-2024-025801
db:NVDid:CVE-2024-33365

LAST UPDATE DATE

2025-07-09T22:54:03.496000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-025801date:2025-07-08T04:53:00
db:NVDid:CVE-2024-33365date:2025-07-07T16:09:32.320

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-025801date:2025-07-08T00:00:00
db:NVDid:CVE-2024-33365date:2024-07-29T17:15:10.947