Cyber Resilience

CVE-2023-49043

Critical · Public PoC

Published: 27 November 2023

Modified: 21 November 2024
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.3261 (97.0th percentile)
Risk Priority: 39 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-49043 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Tenda AX1803 firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 3.0% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

A buffer overflow vulnerability exists in Tenda AX1803 firmware version 1.0.0.1 within the fromSetWirelessRepeat function, triggered by the wpapsk_crypto parameter and tracked as CWE-787. The flaw received a CVSS 3.1 base score of 9.8, reflecting network-accessible attack conditions that require no authentication or user interaction.

Unauthenticated remote attackers can send a crafted request to the affected wireless configuration endpoint, causing memory corruption that permits arbitrary code execution and full compromise of the device's confidentiality, integrity, and availability.

Public references consist of technical write-ups and proof-of-concept material hosted on GitHub; no vendor advisory or firmware patch information is included in the supplied references. The associated EPSS score has remained stable at 0.3261 with no material upward trajectory observed after disclosure.

Vulnerability details

Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

A buffer overflow vulnerability in the web function fromSetWirelessRepeat allows remote attackers to achieve arbitrary code execution on the Tenda AX1803 router, a public-facing network device, directly facilitating T1190: Exploit Public-Facing Application.

Affected Assets

Vendor: tenda
Product: ax1803 firmware
Version: 1.0.0.1

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.
