CVE-2018-14492Out-of-bounds Write in Ac10 Firmware

CWE-787Out-of-bounds Write3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 42.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Tendacn Ac10 FirmwareTendacn Ac15 FirmwareTendacn Ac18 Firmware+2 more
Timeline
PublishedJul 21
Latest updateMay 13

Description

Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

NVDtendacn/ac10_firmware15.03.06.23_cn
NVDtendacn/ac7_firmware15.03.06.44_cn
NVDtendacn/ac9_firmwarev15.03.05.19\(6318\)_cn
NVDtendacn/ac15_firmware15.03.05.19_cn
NVDtendacn/ac18_firmware15.03.05.19\(6318\)_cn

🔴Vulnerability Details

2
GHSA
GHSA-q89p-88cf-m6x8: Tenda AC7 through V152022-05-13
CVEList
CVE-2018-14492: Tenda AC7 through V152018-07-21
CVE-2018-14492 — Out-of-bounds Write in Ac10 Firmware | cvebase