Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZTE多款产品 安全漏洞
Vulnerability Description
ZTE ZXHN H168N等都是中国中兴(ZTE)公司的产品。ZTE ZXHN H168N是一款路由器。ZTE ZXHN H168A是一款无线路由器。ZTE ZXHN E1600是一款Wi-Fi 6路由器。 ZTE多款产品存在安全漏洞,该漏洞源于存在基于堆栈的缓冲区溢出漏洞,经过身份验证的攻击者可以利用此漏洞以root身份远程执行代码。以下产品和版本受到影响:ZXHN H168A V2.1版本、ZXHN H168N V3.5版本、ZXHN H338A V1.5版本、ZXHN E1600 V1.0版本、Z
CVSS Information
N/A
Vulnerability Type
N/A