CVE-2023-44016

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 27, 2023

CWE ID 119

Summary

CVE-2023-44016 is a newly disclosed vulnerability affecting the US_AC10UV1.0RTL_V15.03.06.49 firmware of Tenda AC10U v1.0 devices. The issue lies within the addWifiMacFilter function, which contains a stack overflow vulnerability. An attacker can exploit this flaw by sending a specially crafted deviceId parameter to the affected device, causing it to enter an unstable state and potentially allowing code injection or remote execution. This vulnerability poses a serious threat to network security and requires immediate patching to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/syYHXB
https://www.cve.org/CVERecord?id=CVE-2023-44016
https://nvd.nist.gov/vuln/detail/CVE-2023-44016

Back to Vulnerability Database

CVE-2023-44016

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations