CVE-2024-10280

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS v3 7.5 HIGH
CVSS v2.0 6.8 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md	Third Party Advisory
https://vuldb.com/?ctiid.281555	Permissions Required VDB Entry
https://vuldb.com/?id.281555	Third Party Advisory VDB Entry
https://vuldb.com/?submit.426417	Third Party Advisory VDB Entry
https://www.tenda.com.cn/	Product

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:tenda:ac15_firmware:15.03.05.18:::::::*
	cpe:2.3:o:tenda:ac15_firmware:15.03.05.19:::::::*

cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:tenda:ac10u_firmware:15.03.06.48:::::::*
	cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49:::::::*

cpe:2.3:h:tenda:ac10u:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:tenda:ac500_firmware:1.0.0.14:::::::*
	cpe:2.3:o:tenda:ac500_firmware:1.0.0.16:::::::*
	cpe:2.3:o:tenda:ac500_firmware:2.0.1.9\(1307\):::::::*

cpe:2.3:h:tenda:ac500:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

OR	cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:::::::*
	cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\(6318\):::::::*

cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

OR	cpe:2.3:o:tenda:ac9_firmware:15.03.2.13:::::::*
	cpe:2.3:o:tenda:ac9_firmware:15.03.05.14:::::::*
	cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\(6318\):::::::*

cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:tenda:ac9_firmware:15.03.06.42:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac9:3.0:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:tenda:ac6_firmware:15.03.06.23:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

OR	cpe:2.3:o:tenda:ac10_firmware:16.03.10.13:::::::*
	cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:::::::*

cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

OR	cpe:2.3:o:tenda:ac10_firmware:16.03.48.19:::::::*
	cpe:2.3:o:tenda:ac10_firmware:16.03.48.23:::::::*

cpe:2.3:h:tenda:ac10:5.0:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

OR	cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:::::::*
	cpe:2.3:o:tenda:ac8_firmware:16.03.34.09:::::::*

cpe:2.3:h:tenda:ac8:4.0:*:*:*:*:*:*:*

History

01 Nov 2024, 14:03

Type	Values Removed	Values Added
CVSS	v2 : ~~6.8~~ v3 : ~~6.5~~	v2 : 6.8 v3 : 7.5
Summary		(es) Se ha detectado una vulnerabilidad en Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 y AC1206 hasta 20241022. Se ha calificado como problemática. Este problema afecta a la función websReadEvent del archivo /goform/GetIPTV. La manipulación del argumento Content-Length provoca la desreferenciación de puntero nulo. El ataque puede iniciarse de forma remota. El exploit se ha hecho público y puede utilizarse.
First Time		Tenda ac8 Firmware Tenda ac500 Firmware Tenda ac6 Tenda ac8 Tenda ac18 Tenda ac10u Tenda Tenda ac7 Firmware Tenda ac7 Tenda ac9 Tenda ac15 Tenda ac1206 Tenda ac9 Firmware Tenda ac15 Firmware Tenda ac10u Firmware Tenda ac1206 Firmware Tenda ac6 Firmware Tenda ac10 Firmware Tenda ac10 Tenda ac18 Firmware Tenda ac500
CPE		cpe:2.3:o:tenda:ac15_firmware:15.03.05.19:::::::* cpe:2.3:o:tenda:ac10_firmware:16.03.10.13:::::::* cpe:2.3:h:tenda:ac15:-:::::::* cpe:2.3:o:tenda:ac8_firmware:16.03.34.09:::::::* cpe:2.3:o:tenda:ac6_firmware:15.03.06.23:::::::* cpe:2.3:o:tenda:ac500_firmware:1.0.0.14:::::::* cpe:2.3:o:tenda:ac500_firmware:1.0.0.16:::::::* cpe:2.3:o:tenda:ac10_firmware:16.03.48.23:::::::* cpe:2.3:o:tenda:ac9_firmware:15.03.06.42:::::::* cpe:2.3:o:tenda:ac10_firmware:16.03.48.19:::::::* cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49:::::::* cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:::::::* cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\(6318\):::::::* cpe:2.3:h:tenda:ac10:4.0:::::::* cpe:2.3:h:tenda:ac9:1.0:::::::* cpe:2.3:h:tenda:ac9:3.0:::::::* cpe:2.3:o:tenda:ac9_firmware:15.03.2.13:::::::* cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:::::::* cpe:2.3:h:tenda:ac6:2.0:::::::* cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\(6318\):::::::* cpe:2.3:h:tenda:ac8:4.0:::::::* cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:::::::* cpe:2.3:h:tenda:ac7:-:::::::* cpe:2.3:h:tenda:ac1206:-:::::::* cpe:2.3:o:tenda:ac15_firmware:15.03.05.18:::::::* cpe:2.3:h:tenda:ac500:-:::::::* cpe:2.3:o:tenda:ac500_firmware:2.0.1.9\(1307\):::::::* cpe:2.3:o:tenda:ac9_firmware:15.03.05.14:::::::* cpe:2.3:h:tenda:ac18:-:::::::* cpe:2.3:h:tenda:ac10:5.0:::::::* cpe:2.3:o:tenda:ac10u_firmware:15.03.06.48:::::::* cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:::::::* cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:::::::* cpe:2.3:h:tenda:ac10u:-:::::::*
References	~~() https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md -~~	() https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md - Third Party Advisory
References	~~() https://vuldb.com/?ctiid.281555 -~~	() https://vuldb.com/?ctiid.281555 - Permissions Required, VDB Entry
References	~~() https://vuldb.com/?id.281555 -~~	() https://vuldb.com/?id.281555 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.426417 -~~	() https://vuldb.com/?submit.426417 - Third Party Advisory, VDB Entry
References	~~() https://www.tenda.com.cn/ -~~	() https://www.tenda.com.cn/ - Product

23 Oct 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-23 14:15

Updated : 2024-11-01 14:03

NVD link : CVE-2024-10280

Mitre link : CVE-2024-10280

CVE.ORG link : CVE-2024-10280

JSON object : View

Products Affected

tenda

ac8
ac500_firmware
ac1206
ac10_firmware
ac18
ac18_firmware
ac7_firmware
ac15
ac15_firmware
ac10u_firmware
ac6
ac9_firmware
ac8_firmware
ac9
ac1206_firmware
ac7
ac10u
ac500
ac10
ac6_firmware

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2024-10280", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 7.1, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-23T14:15:04.500", "references": [{"url": "https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md", "tags": ["Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?ctiid.281555", "tags": ["Permissions Required", "VDB Entry"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.281555", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?submit.426417", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cna@vuldb.com"}, {"url": "https://www.tenda.com.cn/", "tags": ["Product"], "source": "cna@vuldb.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad en Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 y AC1206 hasta 20241022. Se ha calificado como problem\u00e1tica. Este problema afecta a la funci\u00f3n websReadEvent del archivo /goform/GetIPTV. La manipulaci\u00f3n del argumento Content-Length provoca la desreferenciaci\u00f3n de puntero nulo. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."}], "lastModified": "2024-11-01T14:03:20.267", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac15_firmware:15.03.05.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56881C41-A993-45CC-BAE6-E9DE17FA56E2"}, {"criteria": "cpe:2.3:o:tenda:ac15_firmware:15.03.05.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A14A19EE-FB4E-4371-AC85-1401EB78B16D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B73E7C1C-F121-486A-8B15-E97EA0C219A5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D94B37C-491D-4E7C-8273-F46FEDA62C9F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3BEE979-5BF3-48ED-AF42-0546D4F896E9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C2AFD04-833D-4085-BAD6-32A2715FA785"}, {"criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F101E88-BEA9-4017-9048-860DF3D1BBBC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac10u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CDBE5E26-7967-4FDD-A29F-7740B29C4B8E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac500_firmware:1.0.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61BA4026-93A8-4D83-815E-397A2EC0A279"}, {"criteria": "cpe:2.3:o:tenda:ac500_firmware:1.0.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "816A7A37-5952-4B22-80F7-8CD09383E079"}, {"criteria": "cpe:2.3:o:tenda:ac500_firmware:2.0.1.9\\(1307\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F0EEFAB-B3B0-4C10-A712-7A35F5FD076E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "64192A8B-CC65-44EC-942B-CC16AADF0D69"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D5CB727-FC6B-4212-A61E-2888A0DADFB0"}, {"criteria": "cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AC468E5-44D1-4B94-B308-C1025DB1BB7B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF9F8AF9-F921-4348-922B-EE5E6037E7AC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3473D6FD-4D42-46D0-9D96-F95D6D856E8E"}, {"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA7503C5-02C6-4016-A4C6-414146719BFF"}, {"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8F25141-8B57-463D-AB97-F52C0143973C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "566DA530-18FC-4A46-95B4-2A7D343A96A7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.06.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B0A5168-9E0C-43F7-BF7B-3943A3316CB8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac9:3.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7F482F89-B0F6-450D-B675-43EC0A9E6A4B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "787A50A1-EDBC-44EB-8CF2-11C4FC63719D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29D5013D-520A-461A-95FF-43B2BE160F91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.06.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D82FD30C-AF3C-4E3B-B674-002A5C9ED09D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E382AD7E-1450-40FC-AE9D-698B491805F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.10.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F1C8715-D7B4-4D1A-9E90-079C72049332"}, {"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A19C486B-52A3-4C3E-851D-F349E8E0A706"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.48.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DABA74C0-297A-4372-B84D-00BA0D334318"}, {"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.48.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC3020CA-7422-4B9A-AA7B-C2B1A03A4450"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac10:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BCFFBD6-3DAD-4FEA-9B5D-D7CBFC36572D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C1D64DC-1EDC-4F62-8D22-E1890B71843C"}, {"criteria": "cpe:2.3:o:tenda:ac8_firmware:16.03.34.09:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE69F412-6FC7-470D-BC7E-B3AAC6B4585F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac8:4.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "655619B2-6E8B-4D2E-98E7-028E69597E80"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cna@vuldb.com"}

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2024-10280

7.5^/10

6.8^/10

Attach tags to `CVE-2024-10280`