CVE-2024-11650

Summary

A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
Tendai91.0.0.8(3828)affected

Weaknesses

  • CWE-476: NULL Pointer Dereference
  • CWE-404: Denial of Service

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References