CVE-2023-38932

Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:f1202_firmware:1.2.0.9:*:*:*:*:*:*:*
cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tenda:pa202_firmware:1.1.2.5:*:*:*:*:*:*:*
cpe:2.3:h:tenda:pa202:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:tenda:pw201a_firmware:1.1.2.5:*:*:*:*:*:*:*
cpe:2.3:h:tenda:pw201a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:tenda:fh1202_firmware:1.2.0.9:*:*:*:*:*:*:*
cpe:2.3:h:tenda:fh1202:-:*:*:*:*:*:*:*

History

09 Aug 2023, 18:05

Type Values Removed Values Added
CPE cpe:2.3:h:tenda:pa202:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:fh1202_firmware:1.2.0.9:*:*:*:*:*:*:*
cpe:2.3:h:tenda:fh1202:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:pa202_firmware:1.1.2.5:*:*:*:*:*:*:*
cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:pw201a_firmware:1.1.2.5:*:*:*:*:*:*:*
cpe:2.3:o:tenda:f1202_firmware:1.2.0.9:*:*:*:*:*:*:*
cpe:2.3:h:tenda:pw201a:-:*:*:*:*:*:*:*
First Time Tenda f1202
Tenda f1202 Firmware
Tenda pw201a
Tenda pa202 Firmware
Tenda pw201a Firmware
Tenda
Tenda fh1202 Firmware
Tenda fh1202
Tenda pa202
CWE CWE-787
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References (MISC) https://www.netgear.com/about/security/ - (MISC) https://www.netgear.com/about/security/ - Not Applicable
References (MISC) https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/formSafeEmailFilter - (MISC) https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/formSafeEmailFilter - Exploit, Third Party Advisory

07 Aug 2023, 19:30

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-07 19:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-38932

Mitre link : CVE-2023-38932

CVE.ORG link : CVE-2023-38932


JSON object : View

Products Affected

tenda

  • f1202_firmware
  • fh1202_firmware
  • pw201a_firmware
  • f1202
  • pa202
  • pw201a
  • pa202_firmware
  • fh1202
CWE
CWE-787

Out-of-bounds Write