Heap Overflow Vulnerability in Tenda AX1803 Router
CVE-2022-40874

7.5HIGH

Key Information:

Vendor: Tenda
Status: Ax1803 Firmware
Vendor: CVE Published:; 27 October 2022

What is CVE-2022-40874?

The Tenda AX1803 v1.0.0.1 has been identified with a vulnerability in the GetParentControlInfo function. This vulnerability manifests as a heap overflow, which can be exploited to execute a denial of service attack. By sending a specially crafted HTTP request, an attacker could potentially disrupt service availability, compromising network integrity and user access.

References

https://www.cnblogs.com/L0g4n-blog/p/16695155.html

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2022
Vulnerability Reserved
Sep 19, 2022