ID

VAR-202308-3583


CVE

CVE-2023-40798


TITLE

Input validation vulnerability in Shenzhen Tenda Technology Co.,Ltd. ac23 firmware

Trust: 0.8

sources: JVNDB: JVNDB-2023-022880

DESCRIPTION

In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. The ac23 firmware from Shenzhen Tenda Technology Co.,Ltd. contains an input validation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The Tenda AC23 is a dual-band home wireless router launched by Tenda, designed for large homes with high-speed transmission and supporting 802.11ac Wave2 technology. Its dual-band concurrent speed reaches a maximum of 2033 Mbps. Attackers can exploit this vulnerability to inject a carefully crafted payload to execute arbitrary web scripts or HTML.

Trust: 2.25

sources: NVD: CVE-2023-40798 // JVNDB: JVNDB-2023-022880 // CNVD: CNVD-2025-27904 // VULMON: CVE-2023-40798

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-27904

AFFECTED PRODUCTS

vendor: tenda, model: ac23, scope: eq, version: 16.03.07.45_cn

Trust: 1.0

vendor: tenda, model: ac23, scope: eq, version: -

Trust: 0.8

vendor: tenda, model: ac23, scope: eq, version: ac23 firmware 16.03.07.45 cn

Trust: 0.8

vendor: tenda, model: ac23, scope: -, version: -

Trust: 0.8

vendor: tenda, model: ac23 16.03.07.45 cn, scope: -, version: -

Trust: 0.6

sources: CNVD: CNVD-2025-27904 // JVNDB: JVNDB-2023-022880 // NVD: CVE-2023-40798

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-40798
value: HIGH

Trust: 1.0

NVD: CVE-2023-40798
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-27904
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-27904
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-40798
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2023-40798
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-27904 // JVNDB: JVNDB-2023-022880 // NVD: CVE-2023-40798

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

problemtype:Improper input validation (CWE-20) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2023-022880 // NVD: CVE-2023-40798

EXTERNAL IDS

db: NVD, id: CVE-2023-40798

Trust: 3.3

db: JVNDB, id: JVNDB-2023-022880

Trust: 0.8

db: CNVD, id: CNVD-2025-27904

Trust: 0.6

db: VULMON, id: CVE-2023-40798

Trust: 0.1

sources: CNVD: CNVD-2025-27904 // VULMON: CVE-2023-40798 // JVNDB: JVNDB-2023-022880 // NVD: CVE-2023-40798

REFERENCES

url:https://github.com/lst-oss/vulnerability/tree/main/tenda/ac23/formsetipv6status-formgetwanparameter

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2023-40798

Trust: 0.8

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2025-27904 // VULMON: CVE-2023-40798 // JVNDB: JVNDB-2023-022880 // NVD: CVE-2023-40798

SOURCES

db: CNVD, id: CNVD-2025-27904
db: VULMON, id: CVE-2023-40798
db: JVNDB, id: JVNDB-2023-022880
db: NVD, id: CVE-2023-40798

LAST UPDATE DATE

2025-11-19T23:25:04.602000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2025-27904, date: 2025-11-14T00:00:00
db: VULMON, id: CVE-2023-40798, date: 2023-08-25T00:00:00
db: JVNDB, id: JVNDB-2023-022880, date: 2024-01-24T07:19:00
db: NVD, id: CVE-2023-40798, date: 2023-08-29T16:10:53.747

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2025-27904, date: 2025-11-14T00:00:00
db: VULMON, id: CVE-2023-40798, date: 2023-08-25T00:00:00
db: JVNDB, id: JVNDB-2023-022880, date: 2024-01-24T00:00:00
db: NVD, id: CVE-2023-40798, date: 2023-08-25T16:15:08.510