CVE-2023-40897
First published: Thu Aug 24 2023(Updated: )
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda Ac8v4 Firmware | =16.03.34.06 | |
| Tenda AC8V4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Tenda AC8v4 firmware?
The vulnerability ID for this Tenda AC8v4 firmware is CVE-2023-40897.
What is the severity of CVE-2023-40897?
The severity of CVE-2023-40897 is critical with a CVSS score of 9.8.
How does CVE-2023-40897 impact the Tenda AC8v4 firmware?
CVE-2023-40897 allows an attacker to trigger a stack overflow via the 'mac' parameter in the '/goform/GetParentControlInfo' endpoint, potentially leading to remote code execution or denial of service.
Which version of the Tenda AC8v4 firmware is affected by CVE-2023-40897?
CVE-2023-40897 affects the Tenda AC8v4 firmware version 16.03.34.06.
Is Tenda AC8V4 hardware affected by CVE-2023-40897?
No, the Tenda AC8V4 hardware itself is not affected by CVE-2023-40897.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/epss-latest
- source/FIRST
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/epss
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ac8v4 firmware
- version/tenda ac8v4 firmware/16.03.34.06
- canonical/tenda ac8v4