Описание
A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tenda:ch22_firmware:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ch22:-:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 8.8
github
около 2 месяцев назад
A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.
EPSS
Процентиль: 27%
0.00096
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-119