ID

VAR-202309-2434


CVE

CVE-2023-44022


TITLE

Buffer error vulnerability in Tenda AC10U firmware

Trust: 0.8

sources: JVNDB: JVNDB-2023-013146

DESCRIPTION

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. A buffer error vulnerability exists in Tenda AC10U firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AC10U is a wireless router made by the Chinese company Tenda. Tenda AC10U has a buffer overflow vulnerability. The vulnerability is caused by the formSetSpeedWan function failing to correctly verify the length of the input data supplied in the speed_dir parameter. An attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service.

Trust: 2.16

sources: NVD: CVE-2023-44022 // JVNDB: JVNDB-2023-013146 // CNVD: CNVD-2024-13797

IOT TAXONOMY

category: ['Network device']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-13797

AFFECTED PRODUCTS

vendor: tendacn
model: ac10u
scope: eq
version: 15.03.06.49_multi_tde01

Trust: 1.0

vendor: tenda
model: ac10u
scope: eq
version: ac10u firmware 15.03.06.49 multi tde01

Trust: 0.8

vendor: tenda
model: ac10u
scope: -
version: -

Trust: 0.8

vendor: tenda
model: ac10u
scope: eq
version: -

Trust: 0.8

vendor: tenda
model: ac10u us ac10uv1.0rtl v15.03.06.49 multi tde01
scope: eq
version: v1.0

Trust: 0.6

sources: CNVD: CNVD-2024-13797 // JVNDB: JVNDB-2023-013146 // NVD: CVE-2023-44022

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-44022
value: CRITICAL

Trust: 1.0

NVD: CVE-2023-44022
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2024-13797
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-13797
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-44022
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2023-44022
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2024-13797 // JVNDB: JVNDB-2023-013146 // NVD: CVE-2023-44022

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype: Buffer error (CWE-119) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2023-013146 // NVD: CVE-2023-44022

PATCH

title: Patch for Tenda AC10U formSetSpeedWan function buffer overflow vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/534461

Trust: 0.6

sources: CNVD: CNVD-2024-13797

EXTERNAL IDS

db: NVD, id: CVE-2023-44022

Trust: 3.2

db: JVNDB, id: JVNDB-2023-013146

Trust: 0.8

db: CNVD, id: CNVD-2024-13797

Trust: 0.6

sources: CNVD: CNVD-2024-13797 // JVNDB: JVNDB-2023-013146 // NVD: CVE-2023-44022

REFERENCES

url:https://github.com/aixiao0621/tenda/blob/main/ac10u/3/0.md

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-44022

Trust: 1.4

sources: CNVD: CNVD-2024-13797 // JVNDB: JVNDB-2023-013146 // NVD: CVE-2023-44022

SOURCES

db: CNVD, id: CNVD-2024-13797
db: JVNDB, id: JVNDB-2023-013146
db: NVD, id: CVE-2023-44022

LAST UPDATE DATE

2024-08-14T13:19:48.918000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2024-13797, date: 2024-03-18T00:00:00
db: JVNDB, id: JVNDB-2023-013146, date: 2023-12-20T03:10:00
db: NVD, id: CVE-2023-44022, date: 2023-09-27T18:46:35.543

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2024-13797, date: 2024-03-18T00:00:00
db: JVNDB, id: JVNDB-2023-013146, date: 2023-12-20T00:00:00
db: NVD, id: CVE-2023-44022, date: 2023-09-27T15:19:35.407