Vulnerability CVE-2023-40798


Published: 2023-08-25

Description:
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.

 References:
https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/formSetIPv6status-formGetWanParameter

Copyright 2026, cxsecurity.com

 

Back to Top