CVE-2023-44014

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 27, 2023

CWE ID 119

Summary

CVE-2023-44014 is a newly identified vulnerability affecting the Tenda AC10U v1.0 and US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 firmware. This issue is caused by multiple stack overflows in the formSetMacFilterCfg function. The vulnerability can be exploited through the macFilterType and deviceList parameters, potentially leading to unintended code execution and serious security consequences. Users of the affected devices are advised to update their firmware as soon as a patch becomes available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/syXvLe
https://www.cve.org/CVERecord?id=CVE-2023-44014
https://nvd.nist.gov/vuln/detail/CVE-2023-44014

Back to Vulnerability Database

CVE-2023-44014

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations