Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the list parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Tenda产品缓冲区错误漏洞
Vulnerability Description
Tenda AC7等都是中国腾达(Tenda)公司的一款无线路由器。 使用V15.03.06.44_CN(AC7)及版本固件的Tenda AC7、使用V15.03.05.19(6318)_CN(AC9)及之前版本固件的AC9和使用V15.03.06.23_CN(AC10)及之前版本固件的AC10中的web server (httpd)存在缓冲区溢出漏洞,该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等
CVSS Information
N/A
Vulnerability Type
N/A