| Title | Tenda Tenda A15 V15.13.07.13 V15.13.07.13 Stack-based Buffer Overflow |
|---|
| Description | Tenda AC15 is a dual band three gigabit wireless router suitable for households with fiber optic cables up to 1000 megabits. It supports gigabit ports, intelligent frequency band selection, parental control, and other functions. Shenzhen Jixiang Tengda Technology Co., Ltd. AC15 has a binary vulnerability that attackers can exploit to cause stack overflow.
The formSetDevNetName function uses websGetVar to retrieve the mac parameter and passes it as the second argument to the set_device_name function.
In the set_device_name function, the sprintf function does not validate the length of the mac parameter and writes it directly into the buffer.
1. Device Crash: The target device crashes, causing a Denial of Service (DoS).
2. Arbitrary Code Execution: Through buffer overflow, the attacker can execute arbitrary code, taking full control of the device.
3. Further Exploitation: The device can be used as a springboard to attack other targets within the internal network. |
|---|
| Source | ⚠️ https://pan.baidu.com/s/1DBDf27oCTIMkW-PSZwg02Q?pwd=tara |
|---|
| User | polaris0x1 (UID 67906) |
|---|
| Submission | 01/17/2025 02:48 PM (1 Year ago) |
|---|
| Moderation | 01/18/2025 08:45 AM (18 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 292527 [Tenda AC15 15.13.07.13 /goform/SetDevNetName formSetDevNetName mac stack-based overflow] |
|---|
| Points | 20 |
|---|
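
A defensive sketch of the fix class for the flaw described above, added here as an example and not taken from the submission or from the vendor's firmware: the mac value is accepted only if it is a 17-character colon-separated MAC address, and the string is built with snprintf, with truncation treated as an error. The function name `build_devname_key`, the `"dev.name.%s"` format and the buffer sizes are assumptions, since the page does not give the real ones.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAC_STR_LEN 17  /* "aa:bb:cc:dd:ee:ff" */

/* Accept only a canonical MAC: exact length, hex digits, colon separators. */
static int is_valid_mac(const char *mac)
{
    if (mac == NULL || strlen(mac) != MAC_STR_LEN)
        return 0;
    for (size_t i = 0; i < MAC_STR_LEN; i++) {
        if (i % 3 == 2) {
            if (mac[i] != ':')
                return 0;
        } else if (!isxdigit((unsigned char)mac[i])) {
            return 0;
        }
    }
    return 1;
}

/*
 * Hypothetical stand-in for the step where the firmware formats mac into a
 * stack buffer. The "dev.name.%s" format is an assumption.
 * Returns 0 on success, -1 if mac is rejected or the result would not fit.
 */
int build_devname_key(char *out, size_t outlen, const char *mac)
{
    if (out == NULL || outlen == 0 || !is_valid_mac(mac))
        return -1;
    int n = snprintf(out, outlen, "dev.name.%s", mac);
    if (n < 0 || (size_t)n >= outlen) {   /* truncated: fail closed */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char key[64];
    char oversized[512];                  /* constructed over-long input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    printf("valid mac: %d\n", build_devname_key(key, sizeof key, "00:11:22:aa:bb:cc"));
    printf("oversized: %d\n", build_devname_key(key, sizeof key, oversized));
    return 0;
}
```

The length check and the bounded write are independent: either one alone stops the overflow, and keeping both means a later change to the format string or buffer size cannot silently reintroduce it.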