Stack Overflow Vulnerability in Tenda AC23 Router
CVE-2022-43104
9.8CRITICAL
Summary
A stack overflow vulnerability has been identified in the Tenda AC23 router, specifically affecting version V16.03.07.45_cn. This issue arises due to improper handling of the wpapsk_crypto parameter within the fromSetWirelessRepeat function. Exploitation of this vulnerability could allow attackers to manipulate device operations, potentially leading to unauthorized access and alterations in device settings.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved