CVE-2024-11056 – A critical stack-based buffer overflow vulnerab... (How to Fix)

Q: What is the severity of CVE-2024-11056?

CVE-2024-11056 has a CVSS score of 8.8 (HIGH). A critical stack-based buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute arbitrary code by manipulating the wpapsk_crypto parameter. This affects Tenda AC10 routers running firmware version 16.03.10.13. Attackers can exploit this without authentication to potentially take full control of affected devices.

📋 TL;DR

A critical stack-based buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute arbitrary code by manipulating the wpapsk_crypto parameter. This affects Tenda AC10 routers running firmware version 16.03.10.13. Attackers can exploit this without authentication to potentially take full control of affected devices.

💻 Affected Systems

Products:

Tenda AC10

Versions: 16.03.10.13

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the specific firmware version; other versions may also be vulnerable but unconfirmed.

📦 What is this software?

Ac10 Firmware by Tenda

View all CVEs affecting Ac10 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, creation of persistent backdoors, lateral movement to internal networks, and botnet enrollment.

🟠

Likely Case

Remote code execution allowing attackers to modify router settings, intercept network traffic, or use the device as a pivot point into internal networks.

🟢

If Mitigated

If properly segmented and monitored, impact limited to the router itself with no lateral movement to other systems.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable without authentication on internet-facing routers.

🏢 Internal Only: MEDIUM - Internal routers are still vulnerable but require network access; could be exploited via phishing or compromised internal hosts.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit details available; manipulation of wpapsk_crypto parameter triggers buffer overflow in FUN_0046AC38 function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates. 2. Download latest firmware for AC10. 3. Log into router admin interface. 4. Navigate to firmware upgrade section. 5. Upload and apply new firmware. 6. Reboot router.

🔧 Temporary Workarounds

Disable WPS/WiFi Extra Features

all

Disable WPS and WiFi extra settings that may use the vulnerable function

Network Segmentation

all

Isolate router management interface from untrusted networks

🧯 If You Can't Patch

Segment affected routers in isolated VLAN with strict firewall rules
Implement network monitoring for exploitation attempts and block malicious IPs

🔍 How to Verify

Check if Vulnerable:

Check router firmware version via admin interface; if version is 16.03.10.13, device is vulnerable.

Check Version:

Login to router admin interface and check System Status or Firmware Version page

Verify Fix Applied:

After firmware update, verify version is no longer 16.03.10.13 and test if wpapsk_crypto parameter manipulation still causes issues.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /goform/WifiExtraSet
Multiple failed buffer overflow attempts in router logs
Unexpected router reboots or configuration changes

Network Indicators:

HTTP requests with manipulated wpapsk_crypto parameter
Unusual outbound connections from router
Traffic patterns suggesting router compromise

SIEM Query:

source="router_logs" AND (uri="/goform/WifiExtraSet" OR message="*buffer*" OR message="*overflow*")

📊 Metadata

CVE ID: CVE-2024-11056

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

Published: November 10, 2024

Last Updated: November 14, 2024

🔗 References

https://tasty-foxtrot-3a8.notion.site/Tenda-AC10v4-stack-overflow-1380448e619580409bb1e1ac85f45570 Exploit,Third Party Advisory
https://vuldb.com/?ctiid.283800 Permissions Required,Third Party Advisory
https://vuldb.com/?id.283800 Permissions Required,Third Party Advisory
https://vuldb.com/?submit.439358 Exploit,Third Party Advisory
https://www.tenda.com.cn/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-11056, you might also want to check these: