Buffer Overflow Vulnerability in Tenda AC18 Router
CVE-2022-44183
9.8CRITICAL
Key Information:
- Vendor
- Tenda
- Status
- Vendor
- CVE Published:
- 21 November 2022
Badges
👾 Exploit Exists🟡 Public PoC
Summary
The Tenda AC18 router, specifically version V15.03.05.19, is susceptible to a buffer overflow vulnerability through the 'formSetWifiGuestBasic' function. This flaw could allow attackers to exploit memory management issues, potentially leading to unauthorized access and control of the device. It is essential for users to update their router firmware and implement security best practices to mitigate risks associated with this vulnerability.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved