Stack Overflow Vulnerability in Tenda AC23 Router
CVE-2022-43104

9.8CRITICAL

Key Information:

Vendor
Tenda
Vendor
CVE Published:
3 November 2022

Summary

A stack overflow vulnerability has been identified in the Tenda AC23 router, specifically affecting version V16.03.07.45_cn. This issue arises due to improper handling of the wpapsk_crypto parameter within the fromSetWirelessRepeat function. Exploitation of this vulnerability could allow attackers to manipulate device operations, potentially leading to unauthorized access and alterations in device settings.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.