CVE-2023-38932

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

9.8CRITICAL

EPSS

0.1%

top 68.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tenda F1202 Firmware Tenda Fh1202 Firmware Tenda Pa202 Firmware +1 more

Timeline

PublishedAug 7

Description

Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶NVDtenda/f1202_firmware1.2.0.9

▶NVDtenda/pa202_firmware1.1.2.5

▶NVDtenda/fh1202_firmware1.2.0.9

▶NVDtenda/pw201a_firmware1.1.2.5

🔴Vulnerability Details

CVEList

CVE-2023-38932: Tenda F1202 V1↗2023-08-07

▶

GHSA

GHSA-cmvp-x26h-66jv: Tenda F1202 V1↗2023-08-07

▶