Lucene search

K
cveMitreCVE-2023-38929
HistoryAug 07, 2023 - 7:15 p.m.

CVE-2023-38929

2023-08-0719:15:10
CWE-787
mitre
web.nvd.nist.gov
25
tenda
4g300
v1.01.42
stack overflow
vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

57.0%

Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer.

Affected configurations

Nvd
Node
tenda4g300_firmwareMatch1.01.42
AND
tenda4g300Match-
VendorProductVersionCPE
tenda4g300_firmware1.01.42cpe:2.3:o:tenda:4g300_firmware:1.01.42:*:*:*:*:*:*:*
tenda4g300-cpe:2.3:h:tenda:4g300:-:*:*:*:*:*:*:*

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

57.0%

Related for CVE-2023-38929