CVE-2023-49042
First published: Mon Nov 27 2023(Updated: )
Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Tenda Ax1803 Firmware | =1.0.0.1 | |
| Tenda AX1803 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-49042?
The severity of CVE-2023-49042 is critical with a CVSS score of 9.8.
How does the Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 impact a system?
The Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code, which can lead to a full compromise of the affected system.
How can the Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 be exploited?
The vulnerability can be exploited by sending malicious input via the schedStartTime or schedEndTime parameters in the setSchedWifi function.
Is Tenda AX1803 version 1.0.0.1 affected by the Heap Overflow vulnerability?
Yes, Tenda AX1803 version 1.0.0.1 is affected by the Heap Overflow vulnerability.
How can I fix the Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1?
Update Tenda AX1803 firmware to a version that does not contain the Heap Overflow vulnerability, if available. Contact the vendor for further assistance.
- collector/nvd-api
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ax1803 firmware
- version/tenda ax1803 firmware/1.0.0.1
- canonical/tenda ax1803