ID

VAR-202203-0587


CVE

CVE-2022-25435


TITLE

Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26244)

Trust: 0.6

sources: CNVD: CNVD-2022-26244

DESCRIPTION

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. The Tenda AC9 is a wireless router from the Chinese company Tenda. The buffer overflow in Tenda AC9 15.03.2.21 arises because the data boundary is not properly verified when the SetStaticRoutecfg function performs memory operations on the list parameter. An attacker can exploit this vulnerability to execute arbitrary commands.

Trust: 1.44

sources: NVD: CVE-2022-25435 // CNVD: CNVD-2022-26244

IOT TAXONOMY

category: ['Network device']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-26244

AFFECTED PRODUCTS

vendor: tenda
model: ac9
scope: eq
version: 15.03.2.21

Trust: 1.0

vendor: tenda
model: ac9
scope: eq
version: v15.03.2.21

Trust: 0.6

sources: CNVD: CNVD-2022-26244 // NVD: CVE-2022-25435

CVSS

SEVERITY

nvd@nist.gov: CVE-2022-25435
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2022-26244
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202203-1852
value: CRITICAL

Trust: 0.6

CVSSV2

nvd@nist.gov: CVE-2022-25435
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2022-26244
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3

nvd@nist.gov: CVE-2022-25435
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2022-26244 // CNNVD: CNNVD-202203-1852 // NVD: CVE-2022-25435

PROBLEMTYPE DATA

problemtype: CWE-787

Trust: 1.0

sources: NVD: CVE-2022-25435

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-1852

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-202203-1852

PATCH

title: Patch for Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26244)
url: https://www.cnvd.org.cn/patchInfo/show/328721

Trust: 0.6

title: Tenda AC9 Fixes for command injection vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=186933

Trust: 0.6

sources: CNVD: CNVD-2022-26244 // CNNVD: CNNVD-202203-1852

EXTERNAL IDS

db: NVD
id: CVE-2022-25435

Trust: 2.2

db: CNVD
id: CNVD-2022-26244

Trust: 0.6

db: CNNVD
id: CNNVD-202203-1852

Trust: 0.6

sources: CNVD: CNVD-2022-26244 // CNNVD: CNNVD-202203-1852 // NVD: CVE-2022-25435

REFERENCES

url: https://github.com/ephaha/iot_vuln/tree/main/tenda/ac9/7

Trust: 2.2

url: https://cxsecurity.com/cveshow/cve-2022-25435/

Trust: 0.6

sources: CNVD: CNVD-2022-26244 // CNNVD: CNNVD-202203-1852 // NVD: CVE-2022-25435

SOURCES

db: CNVD, id: CNVD-2022-26244
db: CNNVD, id: CNNVD-202203-1852
db: NVD, id: CVE-2022-25435

LAST UPDATE DATE

2024-11-23T22:29:06.854000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2022-26244, date: 2022-04-06T00:00:00
db: CNNVD, id: CNNVD-202203-1852, date: 2022-03-28T00:00:00
db: NVD, id: CVE-2022-25435, date: 2024-11-21T06:52:10.793

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2022-26244, date: 2022-04-06T00:00:00
db: CNNVD, id: CNNVD-202203-1852, date: 2022-03-18T00:00:00
db: NVD, id: CVE-2022-25435, date: 2022-03-18T21:15:08.130