Buffer Overflow Vulnerability in Tenda TX9pro Router Software
CVE-2022-38510

7.8HIGH

Key Information:

Vendor: Tenda
Status: Tx9 Pro Firmware
Vendor: CVE Published:; 29 August 2022

What is CVE-2022-38510?

The Tenda TX9pro router firmware version V22.03.02.10 suffers from a buffer overflow vulnerability in the component httpd/SetNetControlList. This flaw may allow an attacker to execute arbitrary code, potentially compromising the integrity and confidentiality of the device. Users of the Tenda TX9pro should take immediate action to mitigate this risk by updating to the latest firmware, as exploitation may lead to unauthorized access to sensitive configurations and personal data.

References

https://github.com/whiter6666/CVE/blob/main/Tenda_TX9pro/...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2022
Vulnerability Reserved
Aug 22, 2022