Lucene search

[email protected]CVE-2023-38823

HistoryNov 20, 2023 - 8:15 p.m.

CVE-2023-38823

2023-11-2020:15:07

CWE-120

[email protected]

web.nvd.nist.gov

cve

38823

buffer overflow

tenda

ac19

ac18

ac9

ac6

remote code execution

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.6%

JSON

Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.

Affected configurations

NVD

Node

tendaac6Match2.0

AND

tendaac6_firmwareMatch15.03.05.19\(6318\)

Node

tendaac6Match1.0

AND

tendaac6_firmwareMatch15.03.05.19\(6318\)

Node

tendaac9Match1.0

AND

tendaac9_firmwareMatch15.03.05.19\(6318\)

Node

tendaac19Match1.0

AND

tendaac19_firmwareMatch15.03.05.19\(6318\)

Node

tendaac18Match-

AND

tendaac18_firmwareMatch15.03.05.19\(6318\)

CPENameOperatorVersion
tenda:ac6_firmwaretenda ac6 firmwareeq15.03.05.19\(6318\)

CPE	Name	Operator	Version
tenda:ac6_firmware	tenda ac6 firmware	eq	15.03.05.19\(6318\)

References

github.com/nhtri2003gmail/CVE_report/blob/master/CVE-2023-38823.md

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.6%

JSON

Related for CVE-2023-38823

prion1 cvelist1 nvd1