virus logo Intrusion Prevention

Tenda.Routers.fromDhcpListClient.Stack.Overflow

description-logoDescription

This indicates an attack attempt to exploit a Stack Overflow vulnerability in multiple Tenda routers.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

Tenda AC10U version 15.03.06.49_multi_TDE01
Tenda F1202 version v1.2.0.20(408)
Tenda F1203 version V2.0.1.6
Tenda FH1202 version V1.2.0.19_EN
Tenda AC10 version V1.0
Tenda AC1206 version V1.0
Tenda AC7 version V1.0
Tenda AC5 version V1.0
Tenda AC9 version V3.0
Tenda AC15 version V15.03.05.19
Tenda AC18 version V15.03.05.19
Tenda AC1206 version V15.03.06.23
Tenda M3 version V1.0.0.12
Tenda AC7 version V15.03.06.44_CN
Tenda AC9 version V15.03.05.19(6318)_CN
Tenda AC10 version V15.03.06.23_CN
Tenda AC15 version V15.03.05.19_CN
Tenda AC18 version V15.03.05.19(6318)_CN

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-04-01 27.758 Default_action:pass:drop
2024-03-20 27.752
ID 54859
Created Mar 12, 2024
Updated Mar 20, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2022-37806 CVE-2018-18706 CVE-2022-32039 CVE-2022-40869 CVE-2023-37717 CVE-2022-46548 CVE-2024-0928
Exploit Prediction Score 0.23%
Default Action drop
Active
Affected OS Other
Affected App Other