Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32033PUBLISHED: 2022-07-01Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
CVE-2022-32034PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
CVE-2022-32035PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
CVE-2022-32036PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
CVE-2022-32037PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
User Rank: Ninja
4/30/2020 | 10:25:05 PM
I've noticed two commonalities:
1) Too many logs are collected and there isn't AI correlation to make sense of it efficiently so it becomes noise.
or
2) Logging isn't set up in the right places so when an event does happen the security unit is blind to it.