CVE-2024-24543 – A buffer overflow vulnerability in the setSched... (How to Fix)

Q: What is the severity of CVE-2024-24543?

CVE-2024-24543 has a CVSS score of 9.8 (CRITICAL). A buffer overflow vulnerability in the setSchedWifi function of Tenda AC9 v.3.0 routers allows remote attackers to execute arbitrary code or cause denial of service by sending specially crafted data. This affects users running firmware version v.15.03.06.42_multi on these devices.

📋 TL;DR

A buffer overflow vulnerability in the setSchedWifi function of Tenda AC9 v.3.0 routers allows remote attackers to execute arbitrary code or cause denial of service by sending specially crafted data. This affects users running firmware version v.15.03.06.42_multi on these devices.

💻 Affected Systems

Products:

Tenda AC9 v.3.0

Versions: Firmware version v.15.03.06.42_multi

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the specific firmware version only; other versions may not be vulnerable.

📦 What is this software?

Ac9 Firmware by Tenda

View all CVEs affecting Ac9 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, network infiltration, and potential lateral movement to other systems.

🟠

Likely Case

Denial of service causing router crashes and network disruption, with potential for limited code execution.

🟢

If Mitigated

Isolated impact limited to the router itself if properly segmented from critical networks.

🌐 Internet-Facing: HIGH - Routers are typically internet-facing devices, making them directly accessible to attackers.

🏢 Internal Only: MEDIUM - Internal attackers could exploit if they have network access, but external exposure is the primary concern.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public GitHub repository contains proof-of-concept details; buffer overflow vulnerabilities in IoT devices are frequently weaponized.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

Check Tenda's official website for firmware updates. If available, download the latest firmware, log into router admin interface, navigate to firmware upgrade section, upload the new firmware file, and apply the update.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate the vulnerable router from critical network segments to limit potential damage.

Access Control Lists

linux

Implement firewall rules to restrict access to the router's management interface.

iptables -A INPUT -p tcp --dport 80 -s trusted_network -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP

🧯 If You Can't Patch

Replace the vulnerable device with a supported, patched model
Implement strict network monitoring and intrusion detection for exploit attempts

🔍 How to Verify

Check if Vulnerable:

Log into router admin interface and check firmware version under System Status or similar section.

Check Version:

Check via web interface at http://router_ip or use curl: curl http://router_ip/login/Auth

Verify Fix Applied:

Verify firmware version has been updated to a version newer than v.15.03.06.42_multi.

📡 Detection & Monitoring

Log Indicators:

Unusual traffic patterns to router management interface
Multiple failed connection attempts followed by buffer overflow patterns

Network Indicators:

Unusual payloads sent to router management port (typically 80/443)
Traffic patterns matching known exploit signatures

SIEM Query:

source="router_logs" AND (message="*buffer overflow*" OR message="*segmentation fault*")

📊 Metadata

CVE ID: CVE-2024-24543

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: February 5, 2024

Last Updated: May 15, 2025

🔗 References

https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0130/setSchedWifi.md Exploit,Third Party Advisory
https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0130/setSchedWifi.md Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-24543, you might also want to check these: