CVE-2023-33669

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Ac8 Firmware
Vendor: CVE Published:; 2 June 2023

Badges

👾 Exploit Exists🟡 Public PoC

Summary

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-33669
Created by Mohammaddvd

References

https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/...

https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N1

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Oct 28, 2024
👾
Exploit known to exist
Oct 28, 2024
Vulnerability published
Jun 2, 2023
Vulnerability Reserved
May 22, 2023

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)