CVE-2022-28082 β€” Out-of-bounds Write in Ax12 Firmware

CWE-787 β€” Out-of-bounds Write3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 29.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda Ax12 Firmware
Timeline
PublishedMay 4
Latest updateMay 5

Description

Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

β–ΆNVDtenda/ax12_firmware22.03.01.21_cn

πŸ”΄Vulnerability Details

2
GHSA
GHSA-phmr-f56m-2v9w: Tenda AX12 v22β†—2022-05-05
β–Ά
CVEList
CVE-2022-28082: Tenda AX12 v22β†—2022-05-04
β–Ά
CVE-2022-28082 β€” Out-of-bounds Write in Tenda | cvebase