CVE-2022-28556: Buffer Overflow
First published: Wed May 04 2022(Updated: )
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda ac15 firmware | =15.03.05.20_multi_tde01 | |
| Tenda AC15 | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Tenda AC15 firmware?
The vulnerability ID for this Tenda AC15 firmware is CVE-2022-28556.
What is the severity of CVE-2022-28556?
The severity of CVE-2022-28556 is high, with a severity value of 7.5.
What is the affected software for CVE-2022-28556?
The affected software for CVE-2022-28556 is Tenda AC15 firmware version 15.03.05.20_multi_tde01.
How does CVE-2022-28556 affect Tenda AC15?
CVE-2022-28556 affects Tenda AC15 by allowing a stack overflow vulnerability in the /goform/setpptpservercfg interface of the web.
Is Tenda AC15 version 1.0 affected by CVE-2022-28556?
No, Tenda AC15 version 1.0 is not affected by CVE-2022-28556.
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/severity
- agent/references
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ac15 firmware
- version/tenda ac15 firmware/15.03.05.20_multi_tde01
- canonical/tenda ac15
- version/tenda ac15/1.0