CVE-2022-40874

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request.
References
Link Resource
https://www.cnblogs.com/L0g4n-blog/p/16695155.html Exploit Third Party Advisory
https://www.cnblogs.com/L0g4n-blog/p/16695155.html Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ax1803:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:22

Type Values Removed Values Added
References () https://www.cnblogs.com/L0g4n-blog/p/16695155.html - Exploit, Third Party Advisory () https://www.cnblogs.com/L0g4n-blog/p/16695155.html - Exploit, Third Party Advisory

28 Oct 2022, 18:40

Type Values Removed Values Added
References (MISC) https://www.cnblogs.com/L0g4n-blog/p/16695155.html - (MISC) https://www.cnblogs.com/L0g4n-blog/p/16695155.html - Exploit, Third Party Advisory
CWE CWE-787
CPE cpe:2.3:h:tenda:ax1803:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

27 Oct 2022, 18:44

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-27 18:15

Updated : 2024-11-21 07:22


NVD link : CVE-2022-40874

Mitre link : CVE-2022-40874

CVE.ORG link : CVE-2022-40874


JSON object : View

Products Affected

tenda

  • ax1803
  • ax1803_firmware
CWE
CWE-787

Out-of-bounds Write