CVE-2023-41552

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 30, 2023
Updated: Aug 31, 2023
CWE ID 787

Summary

CVE-2023-41552: A stack overflow vulnerability has been identified in the Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi firmware. This issue can be exploited by sending maliciously crafted ssid parameters to the /goform/fast_setting_wifi_set URL, potentially allowing attackers to execute arbitrary code or cause the device to crash. The vulnerability poses a serious risk to network security and requires immediate attention from Tenda to release a patch.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share