ID
VAR-202312-1438
CVE
CVE-2023-51095
TITLE
Tenda M3 formDelWlRfPolicy method buffer overflow vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2024-05741
DESCRIPTION
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy. Tenda M3 is an access control controller produced by China Tenda Company. This vulnerability is caused by the formDelWlRfPolicy method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service. attack
Trust: 1.44
sources:
NVD: CVE-2023-51095 //
CNVD: CNVD-2024-05741
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2024-05741
AFFECTED PRODUCTS
| vendor: | tenda | model: | m3 | scope: | eq | version: | 1.0.0.12\(4856\) | Trust: 1.0 |
| vendor: | tenda | model: | m3 | scope: | eq | version: | v1.0.0.12(4856) | Trust: 0.6 |
sources:
CNVD: CNVD-2024-05741 //
NVD: CVE-2023-51095
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2024-05741 //
NVD: CVE-2023-51095
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.0 |
sources:
NVD: CVE-2023-51095
PATCH
| title: | Patch for Tenda M3 formDelWlRfPolicy method buffer overflow vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/521561 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-05741
EXTERNAL IDS
| db: | NVD | id: | CVE-2023-51095 | Trust: 1.6 |
| db: | CNVD | id: | CNVD-2024-05741 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-05741 //
NVD: CVE-2023-51095
REFERENCES
| url: | https://github.com/gd008/tenda/blob/main/m3/delwlpolicydata/m3_delwlpolicydata.md | Trust: 1.6 |
sources:
CNVD: CNVD-2024-05741 //
NVD: CVE-2023-51095
SOURCES
| db: | CNVD | id: | CNVD-2024-05741 |
| db: | NVD | id: | CVE-2023-51095 |
LAST UPDATE DATE
2024-08-14T14:30:07.084000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2024-05741 | date: | 2024-01-25T00:00:00 |
| db: | NVD | id: | CVE-2023-51095 | date: | 2023-12-30T03:18:50.037 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2024-05741 | date: | 2024-01-25T00:00:00 |
| db: | NVD | id: | CVE-2023-51095 | date: | 2023-12-26T17:15:08.293 |