CVE-2023-40847

Name of the Vulnerable Software and Affected Versions Tenda AC6 version US AC6V1.0BR V15.03.05.16 multi TD01.bin

Description The issue is related to a Buffer Overflow that occurs via the function "initIpAddrInfo". This function reads in a user-provided parameter and passes the variable without any length check, leading to the overflow.

Recommendations For Tenda AC6 version US AC6V1.0BR V15.03.05.16 multi TD01.bin, as a temporary workaround, consider disabling the "initIpAddrInfo" function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.