CVE-2023-37723

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 14, 2023

Updated: Jul 21, 2023

CWE ID 787

Summary

CVE-2023-37723 refers to a stack overflow vulnerability discovered in Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN firmware versions. This issue is found in the page parameter of the function fromqossetting, which can be exploited by malicious actors to inject and execute arbitrary code. Successful exploitation could lead to unauthorized access, data theft, or denial of service attacks. Users are strongly advised to update their devices to the latest firmware as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Shenzhen Tenda Technology Co. Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r-_9Pb
https://www.cve.org/CVERecord?id=CVE-2023-37723
https://nvd.nist.gov/vuln/detail/CVE-2023-37723

Back to Vulnerability Database

CVE-2023-37723

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations