CVE-2022-40864

Опубликовано: 23 сент. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet

Ссылки

https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSmartPowerManagement.md
Exploit
Third Party Advisory
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/setSmartPowerManagement.md
Exploit
Third Party Advisory
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSmartPowerManagement.md
Exploit
Third Party Advisory
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/setSmartPowerManagement.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tendacn:ac15_firmware:15.03.05.19:*:*:*:*:*:*:*

cpe:2.3:h:tendacn:ac15:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:tendacn:ac18_firmware:15.03.05.19:*:*:*:*:*:*:*

cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00395

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

Связанные уязвимости

GHSA-5fp5-vv6c-j2hj