CVE-2023-41561
First published: Wed Aug 30 2023(Updated: )
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda Ac9 Firmware | =15.03.06.42_multi | |
| Tenda AC9 | =3.0 | |
| Tenda Ac5 Firmware | =15.03.06.28 | |
| Tenda AC5 | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this Tenda AC9 and AC5 issue?
The vulnerability ID is CVE-2023-41561.
What is the severity rating of CVE-2023-41561?
The severity rating of CVE-2023-41561 is critical (9.8).
Which Tenda devices are affected by CVE-2023-41561?
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 are affected by CVE-2023-41561.
What is the cause of CVE-2023-41561?
CVE-2023-41561 is caused by a stack overflow via the parameter startIp and endIp at the URL /goform/SetPptpServerCfg.
Is there a fix available for CVE-2023-41561?
At the moment, there is no information available regarding a fix for CVE-2023-41561. It is recommended to follow the vendor's security advisories for any updates.
- agent/type
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ac9 firmware
- version/tenda ac9 firmware/15.03.06.42_multi
- canonical/tenda ac9
- version/tenda ac9/3.0
- canonical/tenda ac5 firmware
- version/tenda ac5 firmware/15.03.06.28
- canonical/tenda ac5
- version/tenda ac5/1.0