Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2023-41561

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.

  • Published: Aug 30, 2023
  • Updated: Sep 2, 2023
  • CVE: CVE-2023-41561
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
tenda / ac9_firmware 15.03.06.42_multi 15.03.06.42_multi.x
tenda / ac5_firmware 15.03.06.28 15.03.06.28.x