// For flags

CVE-2018-14492

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.

Los dispositivos Tenda AC7 hasta la versión V15.03.06.44_CN, AC9 hasta la versión V15.03.05.19(6318)_CN y AC10 hasta la versión V15.03.06.23_CN tienen un desbordamiento de búfer basado en pila mediante unos parámetros limitSpeed o limitSpeedup largos en un URI /goform sin especificar.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-07-21 CVE Reserved
  • 2018-07-21 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-16 First Exploit
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tendacn
Search vendor "Tendacn"
Ac7 Firmware
Search vendor "Tendacn" for product "Ac7 Firmware"
<= 15.03.06.44_cn
Search vendor "Tendacn" for product "Ac7 Firmware" and version " <= 15.03.06.44_cn"
-
Affected
in Tendacn
Search vendor "Tendacn"
Ac7
Search vendor "Tendacn" for product "Ac7"
--
Safe
Tendacn
Search vendor "Tendacn"
Ac9 Firmware
Search vendor "Tendacn" for product "Ac9 Firmware"
<= v15.03.05.19\(6318\)_cn
Search vendor "Tendacn" for product "Ac9 Firmware" and version " <= v15.03.05.19\(6318\)_cn"
-
Affected
in Tendacn
Search vendor "Tendacn"
Ac9
Search vendor "Tendacn" for product "Ac9"
--
Safe
Tendacn
Search vendor "Tendacn"
Ac10 Firmware
Search vendor "Tendacn" for product "Ac10 Firmware"
<= 15.03.06.23_cn
Search vendor "Tendacn" for product "Ac10 Firmware" and version " <= 15.03.06.23_cn"
-
Affected
in Tendacn
Search vendor "Tendacn"
Ac10
Search vendor "Tendacn" for product "Ac10"
--
Safe
Tendacn
Search vendor "Tendacn"
Ac15 Firmware
Search vendor "Tendacn" for product "Ac15 Firmware"
<= 15.03.05.19_cn
Search vendor "Tendacn" for product "Ac15 Firmware" and version " <= 15.03.05.19_cn"
-
Affected
in Tendacn
Search vendor "Tendacn"
Ac15
Search vendor "Tendacn" for product "Ac15"
--
Safe
Tendacn
Search vendor "Tendacn"
Ac18 Firmware
Search vendor "Tendacn" for product "Ac18 Firmware"
<= 15.03.05.19\(6318\)_cn
Search vendor "Tendacn" for product "Ac18 Firmware" and version " <= 15.03.05.19\(6318\)_cn"
-
Affected
in Tendacn
Search vendor "Tendacn"
Ac18
Search vendor "Tendacn" for product "Ac18"
--
Safe