Lucene search

MitreCVE-2024-30620

HistoryApr 02, 2024 - 2:15 p.m.

CVE-2024-30620

2024-04-0214:15:08

CWE-787

CWE-120

mitre

web.nvd.nist.gov

tenda ax1803 stack overflow stack overflow cve-2024-30620 servicename parameter fromadvsetmacmtuwan. nvd.

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

47.1%

JSON

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan.

Affected configurations

Nvd

Node

tendaax1803Match-

AND

tendaax1803_firmwareMatch1.0.0.1

VendorProductVersionCPE
tendaax1803-cpe:2.3:h:tenda:ax1803:-:*:*:*:*:*:*:*
tendaax1803_firmware1.0.0.1cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tenda	ax1803	-	cpe:2.3:h:tenda:ax1803:-:::::::*
tenda	ax1803_firmware	1.0.0.1	cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:::::::*

References

github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

47.1%

JSON

Related for CVE-2024-30620