Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS routers (when using software from https://github.com/RMerl/asuswrt-merlin) allows web authenticated attackers to execute code via a request that updates a setting. In ej_update_variables, the length of the variable action_script is not checked, as long as it includes a "_wan_if" substring.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ASUS路由器缓冲区错误漏洞
Vulnerability Description
ASUS routers是华硕(ASUS)公司的一款无线路由器产品。 ASUS路由器中的router/httpd/web.c文件的‘ej_update_variables’函数存在基于栈的缓冲区溢出漏洞。攻击者可通过发送更新设置的请求利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A