CVE-2023-40845: Buffer Overflow
First published: Wed Aug 30 2023(Updated: )
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda Ac6 Firmware | =15.03.05.16 | |
| Tenda AC6 | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Tenda AC6 firmware vulnerability?
The vulnerability ID for this Tenda AC6 firmware vulnerability is CVE-2023-40845.
What is the severity level of CVE-2023-40845?
CVE-2023-40845 has a severity level of critical, with a severity value of 9.8.
How does this vulnerability occur in Tenda AC6 firmware?
This vulnerability occurs in Tenda AC6 firmware due to a buffer overflow in the 'sub_34FD0' function, where user-provided parameters are read and passed without length checks.
Which versions of Tenda AC6 firmware are affected by CVE-2023-40845?
Version 15.03.05.16 of Tenda AC6 firmware is affected by CVE-2023-40845.
Is the Tenda AC6 hardware version 1.0 vulnerable to this vulnerability?
No, the Tenda AC6 hardware version 1.0 is not vulnerable to this vulnerability.
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/event
- agent/tags
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/tenda
- canonical/tenda ac6 firmware
- version/tenda ac6 firmware/15.03.05.16
- canonical/tenda ac6
- version/tenda ac6/1.0