CVE-2023-43886 β€” Out-of-bounds Write in RX9 PRO Firmware

CWE-787 β€” Out-of-bounds Write3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 65.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda RX9 PRO Firmware
Timeline
PublishedNov 7
Latest updateNov 16

Description

A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 2.8 | Impact: 4.2

Affected Packages1 packages

β–ΆNVDtenda/rx9_pro_firmware22.03.02.10

πŸ”΄Vulnerability Details

2
GHSA
GHSA-764w-jhrm-cmvw: A buffer overflow in the HTTP server component of Tenda RX9 Pro v22β†—2023-11-16
β–Ά
CVEList
CVE-2023-43886: A buffer overflow in the HTTP server component of Tenda RX9 Pro v22β†—2023-11-07
β–Ά
CVE-2023-43886 β€” Out-of-bounds Write in Tenda | cvebase