PT-2022-12691 · Tenda · Tenda Ax12
Published
2022-03-09
·
Updated
2022-03-15
·
CVE-2021-46408
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Tenda AX12 version 22.03.01.21
Description
A stack buffer overflow was discovered in the function sub 422CE4, allowing attackers to cause a Denial of Service (DoS) via the
strcpy parameter.Recommendations
For Tenda AX12 version 22.03.01.21, consider disabling the
sub 422CE4 function as a temporary workaround until a patch is available. Avoid using the strcpy parameter in the affected function to minimize the risk of exploitation.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tenda Ax12