Stack Overflow Vulnerability in Tenda FH1203 Router
CVE-2023-37703

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Fh1203 Firmware
Vendor: CVE Published:; 10 July 2023

Summary

The Tenda FH1203 router, specifically version V2.0.1.6, is susceptible to a stack overflow vulnerability found in the formSetSpeedWan function. By manipulating the speed_dir parameter, an attacker could exploit this flaw, potentially leading to unauthorized access or denial of service. This highlights the critical need for users to ensure their devices are updated with the latest security patches to mitigate risks associated with IoT vulnerabilities.

References

https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6907

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 10, 2023
Vulnerability Reserved
Jul 10, 2023