cbcvebase.
CVE-2023-38933
published 2023-08-07

CVE-2023-38933: Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.

Affected

9 ranges
VendorProductVersion rangeFixed in
tendaac10_firmware
tendaac1206_firmware
tendaac5_firmware
tendaac6_firmware
tendaac7_firmware
tendaac9_firmware
tendaf1203_firmware
tendafh1203_firmware
tendafh1205_firmware