PT-2023-5671 · Tenda · Tenda Ac10
Aixiao0621
·
Published
2023-09-27
·
Updated
2023-10-04
·
CVE-2023-44021
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Tenda AC10U version 1.0 US AC10UV1.0RTL V15.03.06.49 multi TDE01
Description
The issue is related to a stack overflow via the
formSetClientState function, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. This is a result of a buffer overflow in the memory.Recommendations
For Tenda AC10U version 1.0 US AC10UV1.0RTL V15.03.06.49 multi TDE01, as a temporary workaround, consider disabling the
formSetClientState function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Stack Overflow
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenda Ac10