CVE-2023-39670

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 18, 2023
Updated: Aug 23, 2023
CWE ID 120

Summary

CVE-2023-39670 is a newly identified buffer overflow vulnerability affecting the Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 firmware. The issue arises due to the insecure usage of the function fgets, which leads to an excessive data input. An attacker can exploit this vulnerability by sending maliciously crafted data to the affected device, potentially leading to unintended system behavior or even complete takeover. This poses a significant risk to network security and requires immediate attention from users and manufacturers alike. It is advised to apply the latest available firmware updates to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share