Stack Overflow Vulnerability in Tenda W6 Router
CVE-2022-35557

7.5HIGH

Key Information:

Vendor: Tenda
Status: W6 Firmware
Vendor: CVE Published:; 12 August 2022

What is CVE-2022-35557?

A stack overflow vulnerability has been identified in the Tenda W6 router, specifically in the /goform/wifiSSIDget functionality. This flaw can be exploited using the index parameter, allowing attackers to execute a denial of service (DoS) attack, disrupting network connectivity and service functionality. Users of affected versions are advised to assess their systems and implement necessary safeguards to mitigate this risk.

References

https://github.com/ilovekeer/IOT/tree/main/Tenda/W6/stack...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2022
Vulnerability Reserved
Jul 11, 2022