CVE-2022-30040

Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
tendaax1803_firmware
1.0.0.1_2890:_2890
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Le1a/CVE-2022-30040
https://github.com/Le1a/Tenda-AX1803-Denial-of-service
https://github.com/Le1a/CVE-2022-30040
https://github.com/Le1a/Tenda-AX1803-Denial-of-service