CVE-2023-50991

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 5, 2024

Updated: Jan 9, 2024

CWE ID 120

Summary

CVE-2023-50991 is a buffer overflow vulnerability affecting Tenda i29 models with firmware versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2. An attacker can exploit this issue by sending maliciously crafted traffic to the pingSet function through the pingIp parameter. The result is a denial of service (DoS) condition, causing the affected device to become unresponsive. This vulnerability poses a significant risk and necessitates an immediate update to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Shenzhen Tenda Technology Co. Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t1xsrq
https://www.cve.org/CVERecord?id=CVE-2023-50991
https://nvd.nist.gov/vuln/detail/CVE-2023-50991

Back to Vulnerability Database

CVE-2023-50991

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations