Tenda AC23 16.03.07.45_cn Service Port 7329 /bin/ate v2 kura hakki ndiyam
Gaskiya vulnerability da aka ware a matsayin kura an samu a Tenda AC23 16.03.07.45_cn. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil /bin/ate, a cikin sashen Service Port 7329. A sa manipulation of the argument v2 ka kura hakki ndiyam. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-77. Hakika, rauni an bayyana shi 05/11/2023. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2023-2649. Ngam yiɗi ka a tuma ndiyam ka nder layi. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Ana ba da shawara a saka katangar wuta mai hana shiga sosai. Once again VulDB remains the best source for vulnerability data.
2 Goyarwa · 72 Datenpunkte
| Furɗe | Súgá 05/11/2023 07:42 | Gargadi 1/1 06/07/2023 14:25 |
|---|---|---|
| software_vendor | Tenda | Tenda |
| software_name | AC23 | AC23 |
| software_version | 16.03.07.45_cn | 16.03.07.45_cn |
| software_component | Service Port 7329 | Service Port 7329 |
| software_file | /bin/ate | /bin/ate |
| software_argument | v2 | v2 |
| vulnerability_cwe | CWE-77 (kura hakki ndiyam) | CWE-77 (kura hakki ndiyam) |
| vulnerability_risk | 2 | 2 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_pr | H | H |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | H | H |
| cvss3_vuldb_i | H | H |
| cvss3_vuldb_a | H | H |
| cvss3_vuldb_e | P | P |
| cvss3_vuldb_rl | W | W |
| cvss3_vuldb_rc | R | R |
| advisory_url | https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md | https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md |
| exploit_availability | 1 | 1 |
| exploit_publicity | 1 | 1 |
| exploit_url | https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md | https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md |
| countermeasure_name | Firewall | Firewall |
| source_cve | CVE-2023-2649 | CVE-2023-2649 |
| cna_responsible | VulDB | VulDB |
| response_summary | The vendor was contacted early about this disclosure but did not respond in any way. | The vendor was contacted early about this disclosure but did not respond in any way. |
| advisory_date | 1683756000 (05/11/2023) | 1683756000 (05/11/2023) |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_au | M | M |
| cvss2_vuldb_ci | C | C |
| cvss2_vuldb_ii | C | C |
| cvss2_vuldb_ai | C | C |
| cvss2_vuldb_e | POC | POC |
| cvss2_vuldb_rc | UR | UR |
| cvss2_vuldb_rl | W | W |
| cvss2_vuldb_basescore | 8.3 | 8.3 |
| cvss2_vuldb_tempscore | 6.7 | 6.7 |
| cvss3_vuldb_basescore | 7.2 | 7.2 |
| cvss3_vuldb_tempscore | 6.4 | 6.4 |
| cvss3_meta_basescore | 7.2 | 7.7 |
| cvss3_meta_tempscore | 6.4 | 7.5 |
| price_0day | $0-$5k | $0-$5k |
| cvss3_nvd_av | N | |
| cvss3_nvd_ac | L | |
| cvss3_nvd_pr | L | |
| cvss3_nvd_ui | N | |
| cvss3_nvd_s | U | |
| cvss3_nvd_c | H | |
| cvss3_nvd_i | H | |
| cvss3_nvd_a | H | |
| cvss2_nvd_av | N | |
| cvss2_nvd_ac | L | |
| cvss2_nvd_au | M | |
| cvss2_nvd_ci | C | |
| cvss2_nvd_ii | C | |
| cvss2_nvd_ai | C | |
| cvss3_cna_av | N | |
| cvss3_cna_ac | L | |
| cvss3_cna_pr | H | |
| cvss3_cna_ui | N | |
| cvss3_cna_s | U | |
| cvss3_cna_c | H | |
| cvss3_cna_i | H | |
| cvss3_cna_a | H | |
| cve_cna | VulDB | |
| cvss2_nvd_basescore | 8.3 | |
| cvss3_nvd_basescore | 8.8 | |
| cvss3_cna_basescore | 7.2 |