Stack Overflow Vulnerability in Tenda AC8 Router
CVE-2023-33675

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Ac8 Firmware
Vendor: CVE Published:; 2 June 2023

Summary

The Tenda AC8 router is susceptible to a stack overflow vulnerability caused by improper handling of the time parameter in the get_parentControl_list_Info function. This flaw could lead to unauthorized remote code execution, compromising the device's integrity and potentially allowing an attacker to take control of the router. It is crucial for users to be aware of this vulnerability, implement necessary patches, and follow best practices for securing their devices to prevent exploitation.

References

https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/...

https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N5

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 2, 2023
Vulnerability Reserved
May 22, 2023