AI Score
Confidence
Low
EPSS
Percentile
47.4%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
[
{
"cpes": [
"cpe:2.3:a:tenda:ac8_firmware:16.03.34.09:*:*:*:*:*:*:*"
],
"vendor": "tenda",
"product": "ac8_firmware",
"versions": [
{
"status": "affected",
"version": "16.03.34.09"
}
],
"defaultStatus": "unknown"
}
]