CVE-2023-45484

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 29, 2023

Updated: Dec 1, 2023

CWE ID 787

Summary

CVE-2023-45484 refers to a stack overflow vulnerability in the Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn firmware. This issue is caused by an incorrect handling of the shareSpeed parameter in the fromSetWifiGuestBasic function. A maliciously crafted input could lead to a stack overflow, potentially allowing an attacker to execute arbitrary code and gain unauthorized access to the affected device. This vulnerability poses a significant risk to users and requires immediate attention to apply available patches or upgrades to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Shenzhen Tenda Technology Co. Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s8JOHF
https://www.cve.org/CVERecord?id=CVE-2023-45484
https://nvd.nist.gov/vuln/detail/CVE-2023-45484

Back to Vulnerability Database

CVE-2023-45484

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations