CVE-2023-49047
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-49047 is a stack overflow vulnerability affecting Tenda AX1803 v1.0.0.1. The issue lies within the function formSetDeviceName, which can be exploited by supplying maliciously crafted input through the devName parameter. A stack overflow occurs when the function processes more data than intended, leading to an unintended program behavior or a denial-of-service condition. Successful exploitation may result in crashing the device or potentially allowing an attacker to execute arbitrary code. It is recommended that users update their Tenda AX1803 firmware to a non-vulnerable version as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Shenzhen Tenda Technology Co. Ltd