Sign-up

ID

VAR-202203-1214


CVE

CVE-2022-25437


TITLE

Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26242)

Trust: 0.6

sources: CNVD: CNVD-2022-26242

DESCRIPTION

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. The Tenda AC9 is a wireless router from the Chinese company Tenda. There is a buffer overflow vulnerability in Tenda AC9 version 15.03.2.21. The vulnerability arises from the fact that when the list parameter in the SetVirtualServerCfg function performs operations on memory, the data boundary is not properly verified. An attacker can exploit this vulnerability to cause arbitrary command execution

Trust: 1.44

sources: NVD: CVE-2022-25437 // CNVD: CNVD-2022-26242

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-26242

AFFECTED PRODUCTS

vendor:tendamodel:ac9scope:eqversion:15.03.2.21

Trust: 1.0

vendor:tendamodel:ac9scope:eqversion:v15.03.2.21

Trust: 0.6

sources: CNVD: CNVD-2022-26242 // NVD: CVE-2022-25437

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-25437
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2022-26242
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202203-1851
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2022-25437
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2022-26242
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-25437
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2022-26242 // CNNVD: CNNVD-202203-1851 // NVD: CVE-2022-25437

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2022-25437

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-1851

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-202203-1851

PATCH

title:Patch for Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26242)url:https://www.cnvd.org.cn/patchInfo/show/328731

Trust: 0.6

title:Tenda AC9 Fixes for command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=186932

Trust: 0.6

sources: CNVD: CNVD-2022-26242 // CNNVD: CNNVD-202203-1851

EXTERNAL IDS

db:NVDid:CVE-2022-25437

Trust: 2.2

db:CNVDid:CNVD-2022-26242

Trust: 0.6

db:CNNVDid:CNNVD-202203-1851

Trust: 0.6

sources: CNVD: CNVD-2022-26242 // CNNVD: CNNVD-202203-1851 // NVD: CVE-2022-25437

REFERENCES

url:https://github.com/ephaha/iot_vuln/tree/main/tenda/ac9/9

Trust: 2.2

url:https://cxsecurity.com/cveshow/cve-2022-25437/

Trust: 0.6

sources: CNVD: CNVD-2022-26242 // CNNVD: CNNVD-202203-1851 // NVD: CVE-2022-25437

SOURCES

db:CNVDid:CNVD-2022-26242
db:CNNVDid:CNNVD-202203-1851
db:NVDid:CVE-2022-25437

LAST UPDATE DATE

2024-11-23T22:50:51.383000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-26242date:2022-04-06T00:00:00
db:CNNVDid:CNNVD-202203-1851date:2022-03-28T00:00:00
db:NVDid:CVE-2022-25437date:2024-11-21T06:52:10.937

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-26242date:2022-04-06T00:00:00
db:CNNVDid:CNNVD-202203-1851date:2022-03-18T00:00:00
db:NVDid:CVE-2022-25437date:2022-03-18T21:15:08.170