7.1
CVE-2023-43886
- EPSS 0.65%
- Veröffentlicht 07.11.2023 08:15:24
- Zuletzt bearbeitet 21.11.2024 08:24:57
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginA buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tenda ≫ Rx9 Pro Firmware Version22.03.02.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.65% | 0.461 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 2.8 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://blog.rtlcopymemory.com/tenda-rx9-pro/