Lucene search

MitreCVE-2020-13394

HistoryMay 22, 2020 - 5:15 p.m.

CVE-2020-13394

2020-05-2217:15:11

CWE-120

mitre

web.nvd.nist.gov

tenda

router

buffer overflow

vulnerability

cve-2020-13394

security incident

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router’s web server – httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.

Affected configurations

Nvd

Node

tendacnac6_firmwareMatchv15.03.05.19_multi_td01

AND

tendacnac6Match1.0

Node

tendacnac9_firmwareMatchv15.03.05.19\(6318\)

AND

tendacnac9Match1.0

Node

tendacnac15_firmwareMatchv15.03.05.19_multi_td01

AND

tendacnac15Match1.0

Node

tendacnac18_firmwareMatchv15.03.05.19\(6318\)

AND

tendacnac18Match-

Node

tendacnac9_firmwareMatchv15.03.06.42_multi

AND

tendacnac9Match3.0

VendorProductVersionCPE
tendacnac6_firmwarev15.03.05.19_multi_td01cpe:2.3:o:tendacn:ac6_firmware:v15.03.05.19_multi_td01:*:*:*:*:*:*:*
tendacnac61.0cpe:2.3:h:tendacn:ac6:1.0:*:*:*:*:*:*:*
tendacnac9_firmwarev15.03.05.19(6318)cpe:2.3:o:tendacn:ac9_firmware:v15.03.05.19\(6318\):*:*:*:*:*:*:*
tendacnac91.0cpe:2.3:h:tendacn:ac9:1.0:*:*:*:*:*:*:*
tendacnac15_firmwarev15.03.05.19_multi_td01cpe:2.3:o:tendacn:ac15_firmware:v15.03.05.19_multi_td01:*:*:*:*:*:*:*
tendacnac151.0cpe:2.3:h:tendacn:ac15:1.0:*:*:*:*:*:*:*
tendacnac18_firmwarev15.03.05.19(6318)cpe:2.3:o:tendacn:ac18_firmware:v15.03.05.19\(6318\):*:*:*:*:*:*:*
tendacnac18-cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*
tendacnac9_firmwarev15.03.06.42_multicpe:2.3:o:tendacn:ac9_firmware:v15.03.06.42_multi:*:*:*:*:*:*:*
tendacnac93.0cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tendacn	ac6_firmware	v15.03.05.19_multi_td01	cpe:2.3:o:tendacn:ac6_firmware:v15.03.05.19_multi_td01:::::::*
tendacn	ac6	1.0	cpe:2.3:h:tendacn:ac6:1.0:::::::*
tendacn	ac9_firmware	v15.03.05.19(6318)	cpe:2.3:o:tendacn:ac9_firmware:v15.03.05.19\(6318\):::::::*
tendacn	ac9	1.0	cpe:2.3:h:tendacn:ac9:1.0:::::::*
tendacn	ac15_firmware	v15.03.05.19_multi_td01	cpe:2.3:o:tendacn:ac15_firmware:v15.03.05.19_multi_td01:::::::*
tendacn	ac15	1.0	cpe:2.3:h:tendacn:ac15:1.0:::::::*
tendacn	ac18_firmware	v15.03.05.19(6318)	cpe:2.3:o:tendacn:ac18_firmware:v15.03.05.19\(6318\):::::::*
tendacn	ac18	-	cpe:2.3:h:tendacn:ac18:-:::::::*
tendacn	ac9_firmware	v15.03.06.42_multi	cpe:2.3:o:tendacn:ac9_firmware:v15.03.06.42_multi:::::::*
tendacn	ac9	3.0	cpe:2.3:h:tendacn:ac9:3.0:::::::*

References

joel-malwarebenchmark.github.io

joel-malwarebenchmark.github.io/blog/2020/04/28/cve-2020-13394-Tenda-vulnerability/

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON

Related for CVE-2020-13394