Stack Overflow Vulnerability in Tenda AC1206 and Related Products
CVE-2023-37712
9.8CRITICAL
Summary
A stack overflow vulnerability has been identified in certain Tenda devices, specifically in the fromSetIpBind function. This vulnerability occurs when the page parameter is improperly handled, potentially allowing an attacker to execute arbitrary code or disrupt service functionality. Affected devices include the Tenda AC1206, F1202, and FH1202 models. Users are urged to review their device configurations and implement necessary patches to mitigate potential risks.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved