PT-2023-22659 · Tenda · Tenda Ac15

范启航

Published

2023-04-24

Updated

2023-04-28

CVE-2023-30370

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.19

Description The issue is related to a stack-based buffer overflow vulnerability in the GetValue function. This vulnerability can be exploited, potentially leading to unauthorized access or code execution. However, specific details about the estimated number of affected devices or real-world incidents are not provided.

Recommendations For Tenda AC15 version 15.03.05.19, consider disabling the GetValue function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2023-30370

Affected Products

Tenda Ac15

PT-2023-22659 · Tenda · Tenda Ac15

CVE-2023-30370

Weakness Enumeration

Related Identifiers

Affected Products

References · 6