CVE-2024-11248 – A critical stack-based buffer overflow vulnerab... (How to Fix)

Q: What is the severity of CVE-2024-11248?

CVE-2024-11248 has a CVSS score of 8.8 (HIGH). A critical stack-based buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute arbitrary code by manipulating the rebootTime parameter. This affects Tenda AC10 routers running firmware version 16.03.10.13. Successful exploitation could lead to complete device compromise.

📋 TL;DR

A critical stack-based buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute arbitrary code by manipulating the rebootTime parameter. This affects Tenda AC10 routers running firmware version 16.03.10.13. Successful exploitation could lead to complete device compromise.

💻 Affected Systems

Products:

Tenda AC10

Versions: 16.03.10.13

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the specific firmware version on Tenda AC10 routers. Other models/versions may be vulnerable but unconfirmed.

📦 What is this software?

Ac10 Firmware by Tenda

View all CVEs affecting Ac10 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full router compromise, credential theft, network pivoting, and persistent backdoor installation.

🟠

Likely Case

Router crash/reboot causing denial of service, followed by potential remote code execution for attackers with exploit development skills.

🟢

If Mitigated

Limited to denial of service if exploit fails or if network segmentation prevents lateral movement.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects internet-facing routers directly exposed to attackers.

🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they have network access to the router's management interface.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit details have been publicly disclosed, making weaponization likely. The vulnerability is remotely exploitable without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates. 2. Download latest firmware for AC10. 3. Log into router admin interface. 4. Navigate to firmware upgrade section. 5. Upload and apply new firmware. 6. Reboot router.

🔧 Temporary Workarounds

Disable remote management

all

Prevent external access to router management interface

Network segmentation

all

Isolate router management interface to trusted network segment

🧯 If You Can't Patch

Replace affected routers with patched or different vendor models
Implement strict network access controls to limit exposure to router management interface

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface. If version is 16.03.10.13, device is vulnerable.

Check Version:

Check via router web interface at 192.168.0.1 or 192.168.1.1 (default) under System Status or similar section.

Verify Fix Applied:

Verify firmware version has changed from 16.03.10.13 to a newer version after update.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /goform/SetSysAutoRebbotCfg with long rebootTime parameters
Router crash/reboot logs

Network Indicators:

HTTP POST requests to router IP on port 80/443 targeting vulnerable endpoint
Unusual outbound connections from router

SIEM Query:

http.method:POST AND http.uri:"/goform/SetSysAutoRebbotCfg" AND http.param.rebootTime:*

📊 Metadata

CVE ID: CVE-2024-11248

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

Published: November 15, 2024

Last Updated: November 19, 2024

🔗 References

https://tasty-foxtrot-3a8.notion.site/Tenda-AC10v4-formSetRebootTimer-stack-overflow-13d0448e619580bf8ab1df7cfb6c018b Exploit,Third Party Advisory
https://vuldb.com/?ctiid.284684 Permissions Required,Third Party Advisory
https://vuldb.com/?id.284684 Permissions Required,Third Party Advisory
https://vuldb.com/?submit.443204 Third Party Advisory
https://www.tenda.com.cn/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-11248, you might also want to check these: