// For flags

CVE-2022-30040

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service.

Tenda AX1803 versión v1.0.0.1_2890, es vulnerable a un desbordamiento del búfer. La vulnerabilidad radica en rootfs_ En / goform / setsystimecfg de / bin / tdhttpd en el sistema de archivos ubif, los atacantes pueden acceder a http://ip/goform/SetSysTimeCfg, y mediante la configuración del parámetro ntpserve, el desbordamiento del búfer de la pila puede ser causado para lograr el efecto de denegación de servicio del router

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-05-02 CVE Reserved
  • 2022-05-11 CVE Published
  • 2023-12-02 EPSS Updated
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tenda
Search vendor "Tenda"
 Ax1803 Firmware
Search vendor "Tenda" for product "Ax1803 Firmware"
 1.0.0.1_2890
Search vendor "Tenda" for product "Ax1803 Firmware" and version "1.0.0.1_2890"
-
Affected
in Tenda
Search vendor "Tenda"
 Ax1803
Search vendor "Tenda" for product "Ax1803"
--
Safe