CVE-2023-40838

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 30, 2023
Updated: Sep 1, 2023
CWE ID 78

Summary

CVE-2023-40838 is a newly disclosed vulnerability affecting the Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin firmware. The issue resides within the 'sub_3A1D0' function, which contains a command execution vulnerability. An attacker can exploit this flaw to gain unauthorized control over the affected device, potentially leading to serious security consequences. Users are strongly advised to update their firmware to a secure and patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share