CVE-2023-38936
First published: Mon Aug 07 2023(Updated: )
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda Ac10 Firmware | =15.03.06.23 | |
| Tenda AC10 | =1.0 | |
| Tenda Ac1206 Firmware | =15.03.06.23 | |
| Tenda AC1206 | ||
| Tenda Ac6 Firmware | =15.03.06.23 | |
| Tenda AC6 | =2.0 | |
| Tenda Ac7 Firmware | =15.03.06.44 | |
| Tenda AC7 | =1.0 | |
| Tenda F1203 Firmware | =2.0.1.6 | |
| Tenda F1203 | ||
| Tenda Ac5 Firmware | =15.03.06.28 | |
| Tenda AC5 | =1.0 | |
| Tenda Fh1203 Firmware | =2.0.1.6 | |
| Tenda FH1203 | ||
| Tenda Fh1205 Firmware | =2.0.0.7\(775\) | |
| Tenda Fh1205 | ||
| Tenda Ac9 Firmware | =15.03.06.42_multi | |
| Tenda AC9 | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-38936?
The severity of CVE-2023-38936 is critical with a CVSS score of 9.8.
Which Tenda products are affected by CVE-2023-38936?
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) are affected by CVE-2023-38936.
What is the vulnerability description of CVE-2023-38936?
CVE-2023-38936 is a stack overflow vulnerability caused by the speed_dir parameter in the formSetSpeedWan function of Tenda AC10, AC1206, AC6, AC7, AC5, FH1203, AC9, and FH1205 devices.
How severe is the vulnerability in Tenda AC10 V1.0 V15.03.06.23?
The vulnerability in Tenda AC10 V1.0 V15.03.06.23 is critical with a CVSS score of 9.8.
How can I fix CVE-2023-38936?
To fix CVE-2023-38936, it is recommended to update the firmware of the affected Tenda devices to a patched version provided by the vendor.
- agent/author
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/description
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ac10 firmware
- version/tenda ac10 firmware/15.03.06.23
- canonical/tenda ac10
- version/tenda ac10/1.0
- canonical/tenda ac1206 firmware
- version/tenda ac1206 firmware/15.03.06.23
- canonical/tenda ac1206
- canonical/tenda ac6 firmware
- version/tenda ac6 firmware/15.03.06.23
- canonical/tenda ac6
- version/tenda ac6/2.0
- canonical/tenda ac7 firmware
- version/tenda ac7 firmware/15.03.06.44
- canonical/tenda ac7
- version/tenda ac7/1.0
- canonical/tenda f1203 firmware
- version/tenda f1203 firmware/2.0.1.6
- canonical/tenda f1203
- canonical/tenda ac5 firmware
- version/tenda ac5 firmware/15.03.06.28
- canonical/tenda ac5
- version/tenda ac5/1.0
- canonical/tenda fh1203 firmware
- version/tenda fh1203 firmware/2.0.1.6
- canonical/tenda fh1203
- canonical/tenda fh1205 firmware
- version/tenda fh1205 firmware/2.0.0.7\(775\)
- canonical/tenda fh1205
- canonical/tenda ac9 firmware
- version/tenda ac9 firmware/15.03.06.42_multi
- canonical/tenda ac9
- version/tenda ac9/3.0