16 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1

The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn • https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/get_parentControl_list_Info • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. • https://github.com/lst-oss/Vulnerability/blob/main/Tenda/AC23/sub_450A4C • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. • https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/compare_parentcontrol_time • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn • https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_451784 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. • https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/formSetIPv6status-formGetWanParameter • CWE-20: Improper Input Validation •