CVE-2023-44018

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 27, 2023
CWE ID 119

Summary

CVE-2023-44018 is a critical vulnerability found in Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 router firmware. It is caused by a stack overflow in the add_white_node function due to the domain parameter. The vulnerability has a base severity score of 9.8 and high impact on confidentiality, integrity, and availability of the affected system. The exploitability score is 3.9, indicating it is relatively easy to exploit without requiring any privileges or user interaction. This vulnerability poses a significant danger to organizations using this specific router firmware version as it can be exploited remotely over the network, potentially leading to unauthorized access, data breaches, or system disruptions. It is recommended to remediate this vulnerability by installing an updated and patched version of the firmware provided by Tenda or applying any available security patches promptly.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44018 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options