Vulnerability Details CVE-2018-14492
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 56.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2018-14492
-
cpe:2.3:h:tendacn:ac10:-
-
cpe:2.3:h:tendacn:ac15:-
-
cpe:2.3:h:tendacn:ac18:-
-
cpe:2.3:h:tendacn:ac7:-
-
cpe:2.3:h:tendacn:ac9:-
-
cpe:2.3:o:tendacn:ac10_firmware:-
-
cpe:2.3:o:tendacn:ac10_firmware:15.03.06.23
-
cpe:2.3:o:tendacn:ac15_firmware:-
-
cpe:2.3:o:tendacn:ac15_firmware:15.03.05.18_multi
-
cpe:2.3:o:tendacn:ac15_firmware:15.03.05.19
-
cpe:2.3:o:tendacn:ac15_firmware:15.03.1.16
-
cpe:2.3:o:tendacn:ac18_firmware:15.03.05.05
-
cpe:2.3:o:tendacn:ac18_firmware:15.03.05.19
-
cpe:2.3:o:tendacn:ac18_firmware:15.03.3.10
-
cpe:2.3:o:tendacn:ac7_firmware:15.03.06.44
-
cpe:2.3:o:tendacn:ac9_firmware:15.03.05.14_en
-
cpe:2.3:o:tendacn:ac9_firmware:15.03.05.19
-
cpe:2.3:o:tendacn:ac9_firmware:15.03.05.19(6318)
-
cpe:2.3:o:tendacn:ac9_firmware:15.03.06.42_multi
-
cpe:2.3:o:tendacn:ac9_firmware:15.03.06.60_en
-
cpe:2.3:o:tendacn:ac9_firmware:v15.03.05.19(6318)