Vulnerabilities > CVE-2024-11650 - NULL Pointer Dereference vulnerability in Tenda I9 Firmware 1.0.0.8(3828)

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
tenda
CWE-476

Summary

A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vulnerable Configurations

Part Description Count
OS
Tenda
1
Hardware
Tenda
1

Common Weakness Enumeration (CWE)