CVE-2022-40866 - OpenCVE

Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Tenda	W20e Firmware W20e

Configuration 1 [-]

AND

cpe:2.3:o:tenda:w20e_firmware:15.11.0.6:*:*:*:*:*:*:*

cpe:2.3:h:tenda:w20e:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/CPSeek/Router-vuls/blob/main/Tenda/W20E/setDebugCfg.md	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-23T14:26:40

Updated: 2022-09-23T14:26:40

Reserved: 2022-09-19T00:00:00

Link: CVE-2022-40866

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-23T15:15:14.593

Modified: 2022-09-28T17:07:10.330

Link: CVE-2022-40866

JSON object: View

Redhat Information

No data.

CWE

CWE-787