CVE-2023-47455 - OpenCVE

Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tenda	Ax1806 Ax1806 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ax1806:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md

History

Thu, 05 Sep 2024 15:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-122

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-07T00:00:00

Updated: 2024-09-05T13:26:13.393Z

Reserved: 2023-11-06T00:00:00

Link: CVE-2023-47455

Vulnrichment

Updated: 2024-08-02T21:09:37.354Z

NVD

Status : Modified

Published: 2023-11-07T15:15:10.870

Modified: 2024-09-05T14:35:12.283

Link: CVE-2023-47455

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-47455", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-09-05T13:26:13.393Z", "dateReserved": "2023-11-06T00:00:00", "datePublished": "2023-11-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-11-07T14:50:19.518773"}, "descriptions": [{"lang": "en", "value": "Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:09:37.354Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-122", "lang": "en", "description": "CWE-122 Heap-based Buffer Overflow"}]}], "affected": [{"vendor": "tenda", "product": "ax1806_firmware", "cpes": ["cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.0.0.1", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-05T13:25:18.344621Z", "id": "CVE-2023-47455", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-05T13:26:13.393Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:09:37.354Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-47455", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-05T13:25:18.344621Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*"], "vendor": "tenda", "product": "ax1806_firmware", "versions": [{"status": "affected", "version": "1.0.0.1"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-05T13:24:47.678Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md"}], "descriptions": [{"lang": "en", "value": "Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-11-07T14:50:19.518773"}}}, "cveMetadata": {"cveId": "CVE-2023-47455", "state": "PUBLISHED", "dateUpdated": "2024-09-05T13:26:13.393Z", "dateReserved": "2023-11-06T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-11-07T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "578F9769-EF24-4B52-83D3-9AA2C91A503D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ax1806:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACA44369-A513-474F-8DD0-A81B598F5B07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size."}, {"lang": "es", "value": "Tenda AX1806 V1.0.0.1 contiene una vulnerabilidad de desbordamiento de mont\u00f3n en la funci\u00f3n setSchedWifi, en la que src y v12 se obtienen directamente del par\u00e1metro de solicitud http schedStartTime y schedEndTime sin verificar su tama\u00f1o."}], "id": "CVE-2023-47455", "lastModified": "2024-09-05T14:35:12.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-11-07T15:15:10.870", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-122"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}