Lucene search

[email protected]CVE-2023-37712

HistoryJul 10, 2023 - 5:15 p.m.

CVE-2023-37712

2023-07-1017:15:09

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-37712

tenda

ac1206

f1202

fh1202

v15.03.06.23

v1.2.0.20(408)

security vulnerability

stack overflow

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.7%

JSON

Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function.

Affected configurations

NVD

Node

tendaf1202_firmwareMatch1.2.0.20\(408\)

AND

tendaf1202Match-

Node

tendaac1206_firmwareMatch15.03.06.23

AND

tendaac1206Match-

Node

tendafh1202Match-

AND

tendafh1202_firmwareMatch1.2.0.20\(408\)

CPENameOperatorVersion
tenda:f1202_firmwaretenda f1202 firmwareeq1.2.0.20\(408\)

CPE	Name	Operator	Version
tenda:f1202_firmware	tenda f1202 firmware	eq	1.2.0.20\(408\)

References

github.com/FirmRec/IoT-Vulns/tree/main/tenda/fromSetIpBind

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.7%

JSON

Related for CVE-2023-37712

nvd1 prion1 cvelist1