Vulnerabilities > CVE-2022-32036 - Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

tenda

CWE-787

NVD

Published: 2022-07-01

Updated: 2023-01-20

Summary

Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.

Vulnerable Configurations

Part	Description	Count
OS	Tenda Tenda M3 Firmware 1.0.0.12	1
Hardware	Tenda Tenda M3 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/d1tto/IoT-vuln/tree/main/Tenda/M3/formSetStoreWeb