Lucene search

[email protected]NVD:CVE-2024-30620

HistoryApr 02, 2024 - 2:15 p.m.

CVE-2024-30620

2024-04-0214:15:08

CWE-120

CWE-787

[email protected]

web.nvd.nist.gov

tenda ax1803

stack overflow

servicename parameter

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.001

Percentile

47.1%

JSON

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan.

Affected configurations

Nvd

Node

tendaax1803Match-

AND

tendaax1803_firmwareMatch1.0.0.1

VendorProductVersionCPE
tendaax1803-cpe:2.3:h:tenda:ax1803:-:*:*:*:*:*:*:*
tendaax1803_firmware1.0.0.1cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tenda	ax1803	-	cpe:2.3:h:tenda:ax1803:-:::::::*
tenda	ax1803_firmware	1.0.0.1	cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:::::::*

References

github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.001

Percentile

47.1%

JSON

Related for NVD:CVE-2024-30620

cvelist1 cve1 vulnrichment1