PT-2022-16502 · Tenda · Tenda Ax3
Published
2022-02-04
·
Updated
2022-02-07
·
CVE-2022-24152
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Tenda AX3 version 16.03.12.10 CN
Description
A stack overflow was discovered in the
fromSetRouteStatic function, allowing attackers to cause a Denial of Service (DoS) via the list parameter.Recommendations
For Tenda AX3 version 16.03.12.10 CN, consider disabling the
fromSetRouteStatic function as a temporary workaround until a patch is available. Restrict access to the list parameter in the affected function to minimize the risk of exploitation.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tenda Ax3