Vulnerabilities > CVE-2023-48194 - Unspecified vulnerability in Tenda Ac8V4 Firmware 16.03.34.09

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

tenda

critical

NVD

Published: 2024-07-09

Updated: 2024-07-12

Summary

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.

Vulnerable Configurations

Part	Description	Count
OS	Tenda Tenda Ac8V4 Firmware 16.03.34.09	1
Hardware	Tenda Tenda Ac8V4 -	1

References

http://tenda.com
https://github.com/zt20xx/CVE-2023-48194