Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long `addDhcpRules` data. When these rules enter the `addDhcpRule` function and are processed by `ret = sscanf(pRule, " %d\t%[^\t]\t%[^\n\r\t]", &dhcpsIndex, dhcpsIP, dhcpsMac);`, the lack of size validation for the rules could lead to buffer overflows in `dhcpsIndex`, `dhcpsIP`, and `dhcpsMac`.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tenda W20E 安全漏洞
Vulnerability Description
Tenda W20E是中国腾达(Tenda)公司的一款路由器。 Tenda W20E V4.0br_V15.11.0.6版本存在安全漏洞,该漏洞源于处理addDhcpRules数据时缺少大小验证,可能导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A