CVE-2022-24158
Published on: 02/03/2022 12:00:00 AM UTC
Last Modified on: 02/07/2022 04:47:00 PM UTC
Certain versions of Ax3 from Tenda contain the following vulnerability:
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
- CVE-2022-24158 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | NONE | HIGH |
CVSS2 Score: 7.8 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | NONE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
my_vuln/23.md at main · pjqwudi/my_vuln · GitHub | github.com text/html | MISC github.com/pjqwudi/my_vuln/blob/main/Tenda/vuln_23/23.md |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Hardware | Tenda | Ax3 | - | All | All | All |
Operating System | Tenda | Ax3 Firmware | 16.03.12.10_cn | All | All | All |
- cpe:2.3:h:tenda:ax3:-:*:*:*:*:*:*:*:
- cpe:2.3:o:tenda:ax3_firmware:16.03.12.10_cn:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
@CVEreport | CVE-2022-24158 : Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetIpMacB… twitter.com/i/web/status/1… | 2022-02-04 02:12:24 |