Buffer Overflow in Tenda I22 Router by Tenda
CVE-2022-45665

7.5HIGH

Key Information:

Vendor: Tenda
Status: I22 Firmware
Vendor: CVE Published:; 20 December 2022

Summary

A vulnerability has been detected in the Tenda I22 router, specifically in version V1.0.0.3. The issue arises due to a buffer overflow condition in the formSetCfm function, triggered by the funcpara1 parameter. This flaw could potentially allow attackers to exploit the router, leading to unauthorized access or manipulation of sensitive data. It's crucial for users to be aware of this vulnerability and apply any available patches or mitigation strategies.

References

https://github.com/Double-q1015/CVE-vulns/blob/main/tenda...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 20, 2022
Vulnerability Reserved
Nov 21, 2022