Lucene search

MitreCVE-2022-40862

HistorySep 23, 2022 - 2:15 p.m.

CVE-2022-40862

2022-09-2314:15:13

CWE-787

mitre

web.nvd.nist.gov

cve-2022-40862

tenda

ac15

ac18

router

v15.03.05.19

stack overflow

vulnerability

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

58.5%

JSON

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting

Affected configurations

Nvd

Node

tendacnac15_firmwareMatch15.03.05.19

AND

tendacnac15Match-

Node

tendacnac18_firmwareMatch15.03.05.19

AND

tendacnac18Match-

VendorProductVersionCPE
tendacnac15_firmware15.03.05.19cpe:2.3:o:tendacn:ac15_firmware:15.03.05.19:*:*:*:*:*:*:*
tendacnac15-cpe:2.3:h:tendacn:ac15:-:*:*:*:*:*:*:*
tendacnac18_firmware15.03.05.19cpe:2.3:o:tendacn:ac18_firmware:15.03.05.19:*:*:*:*:*:*:*
tendacnac18-cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tendacn	ac15_firmware	15.03.05.19	cpe:2.3:o:tendacn:ac15_firmware:15.03.05.19:::::::*
tendacn	ac15	-	cpe:2.3:h:tendacn:ac15:-:::::::*
tendacn	ac18_firmware	15.03.05.19	cpe:2.3:o:tendacn:ac18_firmware:15.03.05.19:::::::*
tendacn	ac18	-	cpe:2.3:h:tendacn:ac18:-:::::::*

References

github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/fromNatStaticSetting.md

github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/fromNatStaticSetting.md

Social References

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

58.5%

JSON

Related for CVE-2022-40862