ID

VAR-202203-1216


CVE

CVE-2022-25440


TITLE

Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26243)

Trust: 0.6

sources: CNVD: CNVD-2022-26243

DESCRIPTION

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. The Tenda AC9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC9 version 15.03.2.21: when the SetSysTimeCfg function performs memory operations on the ntpserver parameter, the data boundary is not properly verified. An attacker can exploit this vulnerability to cause arbitrary command execution.

Trust: 1.44

sources: NVD: CVE-2022-25440 // CNVD: CNVD-2022-26243

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-26243

AFFECTED PRODUCTS

vendor: tenda, model: ac9, scope: eq, version: 15.03.2.21

Trust: 1.0

vendor: tenda, model: ac9, scope: eq, version: v15.03.2.21

Trust: 0.6

sources: CNVD: CNVD-2022-26243 // NVD: CVE-2022-25440

CVSS

SEVERITY

nvd@nist.gov: CVE-2022-25440
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2022-26243
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202203-1848
value: CRITICAL

Trust: 0.6

CVSSV2

nvd@nist.gov: CVE-2022-25440
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2022-26243
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3

nvd@nist.gov: CVE-2022-25440
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2022-26243 // CNNVD: CNNVD-202203-1848 // NVD: CVE-2022-25440

PROBLEMTYPE DATA

problemtype: CWE-787

Trust: 1.0

sources: NVD: CVE-2022-25440

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-1848

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-202203-1848

PATCH

title: Patch for Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26243)
url: https://www.cnvd.org.cn/patchInfo/show/328726

Trust: 0.6

title: Tenda AC9 Fixes for command injection vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=186929

Trust: 0.6

sources: CNVD: CNVD-2022-26243 // CNNVD: CNNVD-202203-1848

EXTERNAL IDS

db: NVD, id: CVE-2022-25440

Trust: 2.2

db: CNVD, id: CNVD-2022-26243

Trust: 0.6

db: CNNVD, id: CNNVD-202203-1848

Trust: 0.6

sources: CNVD: CNVD-2022-26243 // CNNVD: CNNVD-202203-1848 // NVD: CVE-2022-25440

REFERENCES

url: https://github.com/ephaha/iot_vuln/tree/main/tenda/ac9/13

Trust: 2.2

url: https://cxsecurity.com/cveshow/cve-2022-25440/

Trust: 0.6

sources: CNVD: CNVD-2022-26243 // CNNVD: CNNVD-202203-1848 // NVD: CVE-2022-25440

SOURCES

db: CNVD, id: CNVD-2022-26243
db: CNNVD, id: CNNVD-202203-1848
db: NVD, id: CVE-2022-25440

LAST UPDATE DATE

2024-11-23T22:50:51.362000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2022-26243, date: 2022-04-06T00:00:00
db: CNNVD, id: CNNVD-202203-1848, date: 2022-03-28T00:00:00
db: NVD, id: CVE-2022-25440, date: 2024-11-21T06:52:11.337

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2022-26243, date: 2022-04-06T00:00:00
db: CNNVD, id: CNNVD-202203-1848, date: 2022-03-18T00:00:00
db: NVD, id: CVE-2022-25440, date: 2022-03-18T21:15:08.283