CVE-2023-38931
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-07-25 CVE Reserved
- 2023-08-07 CVE Published
- 2024-09-08 EPSS Updated
- 2024-10-17 CVE Updated
- 2024-10-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/cloudv2_setaccount/README.md | 2024-10-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tenda Search vendor "Tenda" | Ac10 Firmware Search vendor "Tenda" for product "Ac10 Firmware" | 15.03.06.23 Search vendor "Tenda" for product "Ac10 Firmware" and version "15.03.06.23" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac10 Search vendor "Tenda" for product "Ac10" | 1.0 Search vendor "Tenda" for product "Ac10" and version "1.0" | - |
Safe
|
| Tenda Search vendor "Tenda" | Ac1206 Firmware Search vendor "Tenda" for product "Ac1206 Firmware" | 15.03.06.23 Search vendor "Tenda" for product "Ac1206 Firmware" and version "15.03.06.23" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac1206 Search vendor "Tenda" for product "Ac1206" | - | - |
Safe
|
| Tenda Search vendor "Tenda" | Ac8 Firmware Search vendor "Tenda" for product "Ac8 Firmware" | 16.03.34.06 Search vendor "Tenda" for product "Ac8 Firmware" and version "16.03.34.06" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac8 Search vendor "Tenda" for product "Ac8" | 4.0 Search vendor "Tenda" for product "Ac8" and version "4.0" | - |
Safe
|
| Tenda Search vendor "Tenda" | Ac6 Firmware Search vendor "Tenda" for product "Ac6 Firmware" | 15.03.06.23 Search vendor "Tenda" for product "Ac6 Firmware" and version "15.03.06.23" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac6 Search vendor "Tenda" for product "Ac6" | 2.0 Search vendor "Tenda" for product "Ac6" and version "2.0" | - |
Safe
|
| Tenda Search vendor "Tenda" | Ac7 Firmware Search vendor "Tenda" for product "Ac7 Firmware" | 15.03.06.44 Search vendor "Tenda" for product "Ac7 Firmware" and version "15.03.06.44" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac7 Search vendor "Tenda" for product "Ac7" | 1.0 Search vendor "Tenda" for product "Ac7" and version "1.0" | - |
Safe
|
| Tenda Search vendor "Tenda" | F1203 Firmware Search vendor "Tenda" for product "F1203 Firmware" | 2.0.1.6 Search vendor "Tenda" for product "F1203 Firmware" and version "2.0.1.6" | - |
Affected
| in | Tenda Search vendor "Tenda" | F1203 Search vendor "Tenda" for product "F1203" | - | - |
Safe
|
| Tenda Search vendor "Tenda" | Ac5 Firmware Search vendor "Tenda" for product "Ac5 Firmware" | 15.03.06.28 Search vendor "Tenda" for product "Ac5 Firmware" and version "15.03.06.28" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac5 Search vendor "Tenda" for product "Ac5" | 1.0 Search vendor "Tenda" for product "Ac5" and version "1.0" | - |
Safe
|
| Tenda Search vendor "Tenda" | Ac10 Firmware Search vendor "Tenda" for product "Ac10 Firmware" | 16.03.10.13 Search vendor "Tenda" for product "Ac10 Firmware" and version "16.03.10.13" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac10 Search vendor "Tenda" for product "Ac10" | 4.0 Search vendor "Tenda" for product "Ac10" and version "4.0" | - |
Safe
|
| Tenda Search vendor "Tenda" | Fh1203 Firmware Search vendor "Tenda" for product "Fh1203 Firmware" | 2.0.1.6 Search vendor "Tenda" for product "Fh1203 Firmware" and version "2.0.1.6" | - |
Affected
| in | Tenda Search vendor "Tenda" | Fh1203 Search vendor "Tenda" for product "Fh1203" | - | - |
Safe
|