Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-2227

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-26 Sep, 2007 | 00:00
Updated At-08 Aug, 2024 | 03:59
Rejected At-
Credits

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:26 Sep, 2007 | 00:00
Updated At:08 Aug, 2024 | 03:59
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/5693
vdb-entry
x_refsource_BID
http://www.securityfocus.com/archive/1/291329
mailing-list
x_refsource_BUGTRAQ
http://www.rtfm.com/ssldump/
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/10087
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/5693
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securityfocus.com/archive/1/291329
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.rtfm.com/ssldump/
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10087
Resource:
vdb-entry
x_refsource_XF
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/5693
vdb-entry
x_refsource_BID
x_transferred
http://www.securityfocus.com/archive/1/291329
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.rtfm.com/ssldump/
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/10087
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/5693
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/291329
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.rtfm.com/ssldump/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10087
Resource:
vdb-entry
x_refsource_XF
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2002 | 05:00
Updated At:03 Apr, 2025 | 01:03

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
rtfm
rtfm
>>ssldump>>Versions up to 0.9b2(inclusive)
cpe:2.3:a:rtfm:ssldump:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.rtfm.com/ssldump/cve@mitre.org
Broken Link
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/291329cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/5693cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/10087cve@mitre.org
Third Party Advisory
VDB Entry
http://www.rtfm.com/ssldump/af854a3a-2127-422b-91ae-364da2661108
Broken Link
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/291329af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/5693af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/10087af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
Hyperlink: http://www.rtfm.com/ssldump/
Source: cve@mitre.org
Resource:
Broken Link
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/291329
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/5693
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10087
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.rtfm.com/ssldump/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/291329
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/5693
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10087
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

385Records found
CVE-2022-30920
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:24
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30913
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:23
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30916
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-08 Jun, 2022 | 13:23
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnetDebug parameter at /goform/aspForm.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_r100magic_r100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29321
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.87% / 82.82%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_firmwaredir-816n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29325
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.50% / 80.85%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_firmwaredir-816n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29327
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.50% / 80.85%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_firmwaredir-816n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29328
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.55% / 85.22%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dap-1330_firmwaredap-1330n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29392
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:49
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29393
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:49
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29395
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:49
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29391
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:49
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29324
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.87% / 82.82%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_firmwaredir-816n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29322
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.55% / 85.22%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_firmwaredir-816n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29396
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:49
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29399
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.55%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:50
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29397
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:50
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-7161
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-20.20% / 95.37%
||
7 Day CHG~0.00%
Published-05 Oct, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29394
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.62%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 19:49
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n600r_firmwaren600rn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-29326
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.50% / 80.85%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 13:16
Updated-03 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816_firmwaredir-816n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28381
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-79.34% / 99.04%
||
7 Day CHG~0.00%
Published-03 Apr, 2022 | 18:30
Updated-03 Aug, 2024 | 05:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932.

Action-Not Available
Vendor-allmediaservern/a
Product-allmediaservern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28560
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 15:20
Updated-03 Aug, 2024 | 05:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28561
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.87%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 15:21
Updated-03 Aug, 2024 | 05:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax12_firmwareax12n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20605
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.18% / 40.02%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27568
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-1.17% / 78.36%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2283
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 54.02%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-27016
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-07 Apr, 2022 | 14:20
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27569
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-1.17% / 78.36%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27022
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-07 Apr, 2022 | 15:02
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27572
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-1.17% / 78.36%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27570
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-1.17% / 78.36%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25461
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.67%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25427
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:52
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25454
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25457
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25448
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25418
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 22:44
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25460
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.67%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25447
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25073
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.22% / 89.74%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 22:44
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr841ntl-wr841n_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25074
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.22% / 89.74%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 22:44
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr902actl-wr902ac_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25450
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.87%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25451
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.67%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26098
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.1||HIGH
EPSS-1.17% / 78.36%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 04:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25452
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25458
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25431
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25445
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.87%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25453
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the saveParentControlInfo function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25440
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25455
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.77%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 20:53
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/a
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found