Stack Overflow Vulnerability in Tenda AC1206 Router
CVE-2022-37814

9.8CRITICAL

Key Information:

Vendor
Tenda
Status
Ac1206 Firmware
Vendor
CVE Published:
25 August 2022

Summary

The Tenda AC1206 router version V15.03.06.23 contains vulnerabilities that introduce risk through multiple stack overflow conditions triggered by input in the deviceMac and device_id parameters within the addWifiMacFilter function. Exploitation of these overflows can lead to potential unauthorized access or denial of service, posing a significant threat to device integrity and network security.

References

https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC120...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.