CVE-2022-37176

Опубликовано: 30 авг. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.

Ссылки

http://ac6ac1200.com
Permissions Required
Vendor Advisory
URL Repurposed
http://tenda.com
Not Applicable
https://drive.google.com/drive/folders/1L6ojSooP8sbZLQYRsAxlb0IWVAZef8Z7?usp=sharing
Permissions Required
Third Party Advisory
http://ac6ac1200.com
Permissions Required
Vendor Advisory
URL Repurposed
http://tenda.com
Not Applicable
https://drive.google.com/drive/folders/1L6ojSooP8sbZLQYRsAxlb0IWVAZef8Z7?usp=sharing
Permissions Required
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tendacn:ac6_firmware:*:*:*:*:*:*:*:*

Версия до 02.03.01.114 (включая)

cpe:2.3:h:tendacn:ac6:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00329

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-j2ch-2mcc-vpwr