MitreCVE-2023-38933CVE-2023-38933
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
57.0%
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tenda | ac10_firmware | 15.03.06.23 | cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:* |
| tenda | ac10 | 1.0 | cpe:2.3:h:tenda:ac10:1.0:*:*:*:*:*:*:* |
| tenda | ac1206_firmware | 15.03.06.23 | cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:* |
| tenda | ac1206 | - | cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:* |
| tenda | ac6_firmware | 15.03.06.23 | cpe:2.3:o:tenda:ac6_firmware:15.03.06.23:*:*:*:*:*:*:* |
| tenda | ac6 | 2.0 | cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:* |
| tenda | ac7_firmware | 15.03.06.44 | cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:* |
| tenda | ac7 | 1.0 | cpe:2.3:h:tenda:ac7:1.0:*:*:*:*:*:*:* |
| tenda | f1203_firmware | 2.0.1.6 | cpe:2.3:o:tenda:f1203_firmware:2.0.1.6:*:*:*:*:*:*:* |
| tenda | f1203 | - | cpe:2.3:h:tenda:f1203:-:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
57.0%