Sign-up

ID

VAR-202308-3191


CVE

CVE-2023-40894


TITLE

Shenzhen Tenda Technology Co.,Ltd.  of  ac8v4  Out-of-bounds write vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2023-022714

DESCRIPTION

Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg. Shenzhen Tenda Technology Co.,Ltd. of ac8v4 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda AC8 is a dual-band gigabit wireless router designed for homes with fiber optic connections up to 1000 Mbps. It supports dual-band concurrent transmission rates of up to 1167 Mbps and is equipped with full gigabit ports (1 WAN port + 3 LAN ports), meeting broadband access needs from 100 to 1000 Mbps. An attacker could exploit this vulnerability by submitting specially crafted requests to cause the application to crash or execute arbitrary code in the application's context

Trust: 2.16

sources: NVD: CVE-2023-40894 // JVNDB: JVNDB-2023-022714 // CNVD: CNVD-2025-20715

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-20715

AFFECTED PRODUCTS

vendor:tendamodel:ac8scope:eqversion:16.03.34.06

Trust: 1.0

vendor:tendamodel:ac8v4scope:eqversion: -

Trust: 0.8

vendor:tendamodel:ac8v4scope:eqversion:ac8v4 firmware 16.03.34.06

Trust: 0.8

vendor:tendamodel:ac8v4scope: - version: -

Trust: 0.8

vendor:tendamodel:ac8 us ac8v4.0si v16.03.34.06 cnscope:eqversion:v4

Trust: 0.6

sources: CNVD: CNVD-2025-20715 // JVNDB: JVNDB-2023-022714 // NVD: CVE-2023-40894

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-40894
value: CRITICAL

Trust: 1.0

NVD: CVE-2023-40894
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2025-20715
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-20715
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-40894
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2023-40894
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-20715 // JVNDB: JVNDB-2023-022714 // NVD: CVE-2023-40894

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-022714 // NVD: CVE-2023-40894

EXTERNAL IDS

db:NVDid:CVE-2023-40894

Trust: 3.3

db:JVNDBid:JVNDB-2023-022714

Trust: 0.8

db:CNVDid:CNVD-2025-20715

Trust: 0.6

db:VULMONid:CVE-2023-40894

Trust: 0.1

sources: CNVD: CNVD-2025-20715 // VULMON: CVE-2023-40894 // JVNDB: JVNDB-2023-022714 // NVD: CVE-2023-40894

REFERENCES

url:https://github.com/peris-navince/founded-0-days/blob/main/ac8/fromsetstaticroutecfg/1.md

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2023-40894

Trust: 0.8

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2025-20715 // VULMON: CVE-2023-40894 // JVNDB: JVNDB-2023-022714 // NVD: CVE-2023-40894

SOURCES

db:CNVDid:CNVD-2025-20715
db:VULMONid:CVE-2023-40894
db:JVNDBid:JVNDB-2023-022714
db:NVDid:CVE-2023-40894

LAST UPDATE DATE

2025-12-18T00:32:28.182000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-20715date:2025-09-05T00:00:00
db:VULMONid:CVE-2023-40894date:2023-08-24T00:00:00
db:JVNDBid:JVNDB-2023-022714date:2024-01-24T01:51:00
db:NVDid:CVE-2023-40894date:2025-12-08T13:14:17.633

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-20715date:2025-09-05T00:00:00
db:VULMONid:CVE-2023-40894date:2023-08-24T00:00:00
db:JVNDBid:JVNDB-2023-022714date:2024-01-24T00:00:00
db:NVDid:CVE-2023-40894date:2023-08-24T18:15:07.827