CVE-2023-40839

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 30, 2023

Updated: Sep 7, 2023

CWE ID 78

Summary

CVE-2023-40839 is a vulnerability affecting the Tenda AC6 US/AC6V1.0BR_V15.03.05.16 firmware. The issue lies within the 'sub_ADF3C' function in the 'formSetIptv' process. An attacker can exploit this command execution vulnerability by passing unfiltered 'list' and 'vlanId' fields as parameters to 'sub_ADF3C', enabling the execution of arbitrary commands on the affected device.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Shenzhen Tenda Technology Co. Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sgdKen
https://www.cve.org/CVERecord?id=CVE-2023-40839
https://nvd.nist.gov/vuln/detail/CVE-2023-40839

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2023-40839

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations