Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tenda AC15 SysToolChangePwd websGetVar stack-based overflow
Vulnerability Description
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Tenda AC15 安全漏洞
Vulnerability Description
Tenda AC15是中国腾达(Tenda)公司的一款无线路由器。 Tenda AC15 15.03.05.18版本存在安全漏洞,该漏洞源于文件/goform/SysToolChangePwd中的函数websGetVar对参数oldPwd/newPwd/cfmPwd的错误操作导致基于栈的缓冲区溢出,可能导致远程攻击。
CVSS Information
N/A
Vulnerability Type
N/A