CVE-2022-37819 — Out-of-bounds Write in Ax1803 Firmware

Severity

7.8HIGHNVD

EPSS

0.1%

top 81.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 25

Latest updateAug 26

Description

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

GHSA

GHSA-qg57-h2qj-9mrc: Tenda AX1803 v1↗2022-08-26

▶

CVEList

CVE-2022-37819: Tenda AX1803 v1↗2022-08-25

▶