Описание
A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tenda:ac23_firmware:16.03.07.52:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ac23:-:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00084
Низкий
8.8 High
CVSS3
9.8 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-119
CWE-120
Связанные уязвимости
CVSS3: 8.8
github
около 1 месяца назад
A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
EPSS
Процентиль: 24%
0.00084
Низкий
8.8 High
CVSS3
9.8 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-119
CWE-120