Stack Overflow Vulnerability in Tenda AC8 Router
CVE-2023-39786

7.5HIGH

Key Information:

Vendor: Tenda
Status: Ac8v4 Firmware
Vendor: CVE Published:; 21 August 2023

What is CVE-2023-39786?

The Tenda AC8 router has been found to have a stack overflow vulnerability that is triggered by the time parameter in the sscanf function. This flaw could potentially allow attackers to exploit the device, leading to unauthorized access and compromising the integrity of the router's operations. As IoT devices become more prevalent, ensuring the security of products like the Tenda AC8 is crucial for maintaining network security and protecting sensitive information.

References

http://tenda.com

https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/3

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2023
Vulnerability Reserved
Aug 7, 2023