COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-48194

CVE-2023-48194

Severity
critical
Source
NVD · cve
Published
2024-07-09
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-48194
shame 35/100

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.

Players implicated

tenda · vendorac8 firmware · productac8v4 · product

Description

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.