Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tenda AC1206 HTTP Request AdvSetMacMtuWa check_param_changed stack-based overflow
Vulnerability Description
A vulnerability was found in Tenda AC1206 15.03.06.23. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtuWa of the component HTTP Request Handler. Performing manipulation of the argument wanMTU results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Tenda AC1206 安全漏洞
Vulnerability Description
Tenda AC1206是中国腾达(Tenda)公司的一款无线千兆路由器。 Tenda AC1206 15.03.06.23版本存在安全漏洞,该漏洞源于HTTP Request Handler组件中文件/goform/AdvSetMacMtuWa的函数check_param_changed对参数wanMTU的错误操作,可能导致基于栈的缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A