Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-33669 PoC — Tenda AC8 缓冲区错误漏洞

Source
https://github.com/Mohammaddvd/CVE-2023-33669
Associated Vulnerability
Title:Tenda AC8 缓冲区错误漏洞 (CVE-2023-33669)
Description:Tenda AC8是中国腾达(Tenda)公司的一款无线路由器。 Tenda AC8V4.0-V16.03.34.06版本存在安全漏洞,该漏洞源于参数timeZone存在堆栈溢出问题。
Description
Stack-Overflow on TendaAC8
Readme
# CVE-2023-33669 Exploit

Exploit for a stack overflow vulnerability in the Tenda AC8 router, specifically targeting firmware version `US_AC8V4.0si_V16.03.34.06`.
[Official product page](https://www.tenda.com.cn/download/detail-3518.html).

## Emulation
You can put 'prepare.sh' file in root directory of firmware and execute it. Also for RCE you have to setup tftp server and put 'nc' file in `/tftpboot`.


https://github.com/user-attachments/assets/0eef4f92-074a-4b41-845c-5cfb18309409



This exploit is intended for educational purposes
File Snapshot

 [4.0K]  /data/pocs/cf9d0b3c4296fb2a78b39ac342a58a6a7e3257bf
├── [2.1K]  exploit_CVE-2023-33669.py
├── [174K]  nc
├── [ 121]  prepare.sh
└── [ 542]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.