Stack Overflow Vulnerability in Tenda AX12 Router
CVE-2022-25560

7.5HIGH

Key Information:

Vendor
Tenda
Vendor
CVE Published:
10 March 2022

Summary

A stack overflow vulnerability has been identified in the Tenda AX12 router version 22.03.01.21. This flaw exists in the sub_4327CC function and can be exploited by attackers to create a Denial of Service (DoS) condition. By sending specially crafted input through the list parameter, unauthorized users can disrupt the normal functioning of the device, leading to unavailability and impacting users. It is crucial for users of affected devices to apply the necessary security patches to mitigate this risk.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.