CVE-2023-37707

Name of the Vulnerable Software and Affected Versions Tenda FH1203 version V2.0.1.6

Description The issue is related to a stack overflow in the fromVirtualSer function, which can be exploited to cause a denial of service. This can be achieved by manipulating the page parameter. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For Tenda FH1203 version V2.0.1.6, as a temporary workaround, consider disabling the fromVirtualSer function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the page parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.