CVE-2023-38940

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 7, 2023
Updated: Aug 9, 2023
CWE ID 787

Summary

CVE-2023-38940 is a critical vulnerability affecting Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6, and FH1205 V2.0.0.7(775) devices. The vulnerability allows for a stack overflow through the ssid parameter in the form_fast_setting_wifi_set function. The base severity score is 9.8, indicating a high-risk level with potential for unauthorized access and data compromise. The exploitability score is 3.9, suggesting it can be easily exploited over the network without requiring any user interaction or privileged access. Organizations using these affected products should update to the latest firmware versions provided by Tenda to remediate the vulnerability and mitigate the potential dangers posed by this security flaw.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-38940 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options