CVE-2023-37718

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 14, 2023

Updated: Jul 21, 2023

CWE ID 787

Summary

CVE-2023-37718 is a newly identified stack overflow vulnerability affecting Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN routers. The issue lies in the page parameter of the fromSafeClientFilter function, which can be exploited by malicious actors to execute arbitrary code and potentially take control of the affected devices. Successful exploitation may result in unauthorized access, data theft, or other malicious activities. Users are advised to update their routers' firmware as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Shenzhen Tenda Technology Co. Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r-_sNK
https://www.cve.org/CVERecord?id=CVE-2023-37718
https://nvd.nist.gov/vuln/detail/CVE-2023-37718

Back to Vulnerability Database

CVE-2023-37718

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations