CVE-2022-40072Out-of-bounds Write in Ac21 Firmware

CWE-787Out-of-bounds WriteCWE-476NULL Pointer Dereference4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 42.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda Ac21 Firmware
Timeline
PublishedSep 19
Latest updateFeb 26

Description

Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDtenda/ac21_firmware16.03.08.15

🔴Vulnerability Details

2
GHSA
GHSA-9p4q-6wwf-qpr7: Tenda AC21 V 162022-09-20
CVEList
CVE-2022-40072: Tenda AC21 V 162022-09-19

📋Vendor Advisories

1
Red Hat
kernel: xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue2025-02-26
CVE-2022-40072 — Out-of-bounds Write in Tenda | cvebase