Sign-up

ID

VAR-202209-1836


CVE

CVE-2022-40861


TITLE

Shenzhen Tenda Technology Co.,Ltd.  of  AC18  Out-of-bounds write vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-017715

DESCRIPTION

Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/. Shenzhen Tenda Technology Co.,Ltd. of AC18 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the fact that the formSetQosBand function does not check the size of the input data. Attackers can exploit the vulnerability to cause remote code execution or denial of service

Trust: 2.16

sources: NVD: CVE-2022-40861 // JVNDB: JVNDB-2022-017715 // CNVD: CNVD-2022-88202

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-88202

AFFECTED PRODUCTS

vendor:tendamodel:ac18scope:eqversion:15.03.05.19\(6318\)

Trust: 1.0

vendor:tendamodel:ac18scope:eqversion:ac18 firmware 15.03.05.19(6318)

Trust: 0.8

vendor:tendamodel:ac18scope: - version: -

Trust: 0.8

vendor:tendamodel:ac18scope:eqversion: -

Trust: 0.8

vendor:tendamodel:ac18scope:eqversion:v15.03.05.19

Trust: 0.6

sources: CNVD: CNVD-2022-88202 // JVNDB: JVNDB-2022-017715 // NVD: CVE-2022-40861

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-40861
value: HIGH

Trust: 1.0

NVD: CVE-2022-40861
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-88202
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202209-2376
value: HIGH

Trust: 0.6

CNVD: CNVD-2022-88202
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-40861
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-40861
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-88202 // JVNDB: JVNDB-2022-017715 // CNNVD: CNNVD-202209-2376 // NVD: CVE-2022-40861

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-017715 // NVD: CVE-2022-40861

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-2376

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202209-2376

PATCH

title:Patch for Tenda AC18 formSetQosBand stack overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/372606

Trust: 0.6

title:Tenda AC18 Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=209151

Trust: 0.6

sources: CNVD: CNVD-2022-88202 // CNNVD: CNNVD-202209-2376

EXTERNAL IDS

db:NVDid:CVE-2022-40861

Trust: 3.8

db:JVNDBid:JVNDB-2022-017715

Trust: 0.8

db:CNVDid:CNVD-2022-88202

Trust: 0.6

db:CNNVDid:CNNVD-202209-2376

Trust: 0.6

sources: CNVD: CNVD-2022-88202 // JVNDB: JVNDB-2022-017715 // CNNVD: CNNVD-202209-2376 // NVD: CVE-2022-40861

REFERENCES

url:https://github.com/cpseek/router-vuls/blob/main/tenda/ac18/formsetqosband.md

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2022-40861

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-40861/

Trust: 0.6

sources: CNVD: CNVD-2022-88202 // JVNDB: JVNDB-2022-017715 // CNNVD: CNNVD-202209-2376 // NVD: CVE-2022-40861

SOURCES

db:CNVDid:CNVD-2022-88202
db:JVNDBid:JVNDB-2022-017715
db:CNNVDid:CNNVD-202209-2376
db:NVDid:CVE-2022-40861

LAST UPDATE DATE

2024-08-14T15:00:45.928000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-88202date:2022-12-18T00:00:00
db:JVNDBid:JVNDB-2022-017715date:2023-10-16T08:19:00
db:CNNVDid:CNNVD-202209-2376date:2022-09-27T00:00:00
db:NVDid:CVE-2022-40861date:2022-09-26T16:03:31.140

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-88202date:2022-12-17T00:00:00
db:JVNDBid:JVNDB-2022-017715date:2023-10-16T00:00:00
db:CNNVDid:CNNVD-202209-2376date:2022-09-23T00:00:00
db:NVDid:CVE-2022-40861date:2022-09-23T15:15:14.533