Vulnerability Details CVE-2023-40798
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.3%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-40798
-
cpe:2.3:h:tenda:ac23:-
-
cpe:2.3:o:tenda:ac23_firmware:16.03.07.45_cn