CVE-2023-44018

Summary

CVE-2023-44018 is a critical vulnerability found in Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 router firmware. It is caused by a stack overflow in the add_white_node function due to the domain parameter. The vulnerability has a base severity score of 9.8 and high impact on confidentiality, integrity, and availability of the affected system. The exploitability score is 3.9, indicating it is relatively easy to exploit without requiring any privileges or user interaction. This vulnerability poses a significant danger to organizations using this specific router firmware version as it can be exploited remotely over the network, potentially leading to unauthorized access, data breaches, or system disruptions. It is recommended to remediate this vulnerability by installing an updated and patched version of the firmware provided by Tenda or applying any available security patches promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.