Details of VAR-202203-1731

ID

VAR-202203-1731

CVE

CVE-2022-26278

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC9 Out-of-bounds write vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-007443

DESCRIPTION

Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. A buffer overflow vulnerability exists in Tenda AC9 v15.03.2.21_cn. The vulnerability arises from the fact that when the time parameter in the PowerSaveSet function performs an operation on memory, the data boundary is not properly verified. An attacker can exploit this vulnerability to cause a heap buffer overflow and possibly execute arbitrary code

Trust: 2.16

sources: NVD: CVE-2022-26278 // JVNDB: JVNDB-2022-007443 // CNVD: CNVD-2022-26240

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-26240

AFFECTED PRODUCTS

vendor:	tenda	model:	ac9	scope:	eq	version:	15.03.2.21_cn	Trust: 1.0
vendor:	tenda	model:	ac9	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac9	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac9	scope:	eq	version:	ac9 firmware 15.03.2.21 cn	Trust: 0.8
vendor:	tenda	model:	ac9 v15.03.2.21 cn	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2022-26240 // JVNDB: JVNDB-2022-007443 // NVD: CVE-2022-26278

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-26278
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2022-26278
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2022-26240
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202203-2355
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2022-26278
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-26240
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-26278
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-26278
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-26240 // JVNDB: JVNDB-2022-007443 // CNNVD: CNNVD-202203-2355 // NVD: CVE-2022-26278

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-007443 // NVD: CVE-2022-26278

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-2355

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202203-2355

EXTERNAL IDS

db:	NVD	id:	CVE-2022-26278	Trust: 3.8
db:	JVNDB	id:	JVNDB-2022-007443	Trust: 0.8
db:	CNVD	id:	CNVD-2022-26240	Trust: 0.6
db:	CNNVD	id:	CNNVD-202203-2355	Trust: 0.6

sources: CNVD: CNVD-2022-26240 // JVNDB: JVNDB-2022-007443 // CNNVD: CNNVD-202203-2355 // NVD: CVE-2022-26278

REFERENCES

url:	https://github.com/pllrry/tenda-ac9-v15.03.2.21_cn-command-execution-vulnerability/tree/main/tenda-ac9	Trust: 3.0
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26278	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-26278/	Trust: 0.6

sources: CNVD: CNVD-2022-26240 // JVNDB: JVNDB-2022-007443 // CNNVD: CNNVD-202203-2355 // NVD: CVE-2022-26278

SOURCES

db:	CNVD	id:	CNVD-2022-26240
db:	JVNDB	id:	JVNDB-2022-007443
db:	CNNVD	id:	CNNVD-202203-2355
db:	NVD	id:	CVE-2022-26278

LAST UPDATE DATE

2024-11-23T22:04:56.356000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-26240	date:	2022-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2022-007443	date:	2023-07-14T08:37:00
db:	CNNVD	id:	CNNVD-202203-2355	date:	2022-04-06T00:00:00
db:	NVD	id:	CVE-2022-26278	date:	2024-11-21T06:53:41.157

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-26240	date:	2022-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2022-007443	date:	2023-07-14T00:00:00
db:	CNNVD	id:	CNNVD-202203-2355	date:	2022-03-28T00:00:00
db:	NVD	id:	CVE-2022-26278	date:	2022-03-28T21:15:08.773