Buffer Overflow in Tenda I22 Router by Tenda
CVE-2022-45665

7.5HIGH

Key Information:

Vendor: Tenda
Status: I22 Firmware
Vendor: CVE Published:; 20 December 2022

What is CVE-2022-45665?

A vulnerability has been detected in the Tenda I22 router, specifically in version V1.0.0.3. The issue arises due to a buffer overflow condition in the formSetCfm function, triggered by the funcpara1 parameter. This flaw could potentially allow attackers to exploit the router, leading to unauthorized access or manipulation of sensitive data. It's crucial for users to be aware of this vulnerability and apply any available patches or mitigation strategies.

References

https://github.com/Double-q1015/CVE-vulns/blob/main/tenda...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 20, 2022
Vulnerability Reserved
Nov 21, 2022