CVE-2023-37717 | SynScan

Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2023-37717

Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.

Published: Jul 14, 2023
Updated: Jul 22, 2023
CVE: CVE-2023-37717
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
tenda / f1202_firmware	1.2.0.20(408)	1.2.0.20(408).x
tenda / fh1202_firmware	1.2.0.19_en	1.2.0.19_en.x
tenda / f1202_firmware	1.0br	1.0br.x
tenda / ac10_firmware	1.0	1.0.x
tenda / ac1206_firmware	1.0	1.0.x
tenda / ac7_firmware	1.0	1.0.x
tenda / ac5_firmware	1.0	1.0.x
tenda / ac9_firmware	3.0	3.0.x

https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromDhcpListClient/repot.md