Multiple Cisco SD-WAN Vulnerabilities
September 30, 2024SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
September 30, 2024Multiple Cisco SD-WAN Vulnerabilities
September 30, 2024SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
September 30, 2024Severity
High
Analysis Summary
CVE-2024-9284
A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Impact
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2024-9284
Affected Vendors
Affected Products
- TP-LINK TL-WR841ND - 20240920
Remediation
Refer to TP-Link Website for patch, upgrade, or suggested workaround information.