Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.
References
Link | Resource |
---|---|
https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromDhcpListClient/repot.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
21 Jul 2023, 14:31
Type | Values Removed | Values Added |
---|---|---|
First Time |
Tenda ac5 Firmware
Tenda f1202 Firmware Tenda ac1206 Firmware Tenda ac9 Tenda f1202 Tenda ac10 Tenda ac10 Firmware Tenda fh1202 Tenda fh1202 Firmware Tenda ac7 Tenda ac9 Firmware Tenda ac1206 Tenda Tenda ac5 Tenda ac7 Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | (MISC) https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromDhcpListClient/repot.md - Exploit, Third Party Advisory | |
CPE | cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:* cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:* cpe:2.3:o:tenda:f1202_firmware:1.0br:*:*:*:*:*:*:* cpe:2.3:o:tenda:ac7_firmware:1.0:*:*:*:*:*:*:* cpe:2.3:o:tenda:ac9_firmware:3.0:*:*:*:*:*:*:* cpe:2.3:o:tenda:ac1206_firmware:1.0:*:*:*:*:*:*:* cpe:2.3:o:tenda:fh1202_firmware:1.2.0.19_en:*:*:*:*:*:*:* cpe:2.3:o:tenda:ac5_firmware:1.0:*:*:*:*:*:*:* cpe:2.3:o:tenda:f1202_firmware:1.2.0.20\(408\):*:*:*:*:*:*:* cpe:2.3:o:tenda:ac10_firmware:1.0:*:*:*:*:*:*:* cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:* cpe:2.3:h:tenda:ac5:-:*:*:*:*:*:*:* cpe:2.3:h:tenda:fh1202:-:*:*:*:*:*:*:* cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:* cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:* |
|
CWE | CWE-787 |
14 Jul 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-14 00:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-37717
Mitre link : CVE-2023-37717
CVE.ORG link : CVE-2023-37717
JSON object : View
Products Affected
tenda
- ac7_firmware
- ac9
- f1202_firmware
- fh1202_firmware
- ac5_firmware
- f1202
- ac10
- ac1206_firmware
- ac5
- ac7
- fh1202
- ac9_firmware
- ac1206
- ac10_firmware
CWE
CWE-787
Out-of-bounds Write