| عنوان | Tenda AC23 <= V16.03.07.52 Buffer Overflow |
|---|
| الوصف | A buffer overflow vulnerability was discovered on the latest version of the Tengda AC23 router, V16.03.07.52, where an attacker sent a well-crafted http post packet to the request path /goform/SetPptpServerCfg, triggering a denial of service attack or even RCE, specifically via the function sscanf(s, "%[^.].%[^.].%[^.].%s", v10, v11, v12, &v12[8]) because there is no bounds check on s, causing a stack overflow |
|---|
| المصدر | ⚠️ https://github.com/lin-3-start/lin-cve/blob/main/Tenda%20AC23-3/Tenda%20AC23%20Buffer%20overflow.md |
|---|
| المستخدم | QMSSDXN (UID 88719) |
|---|
| ارسال | 15/09/2025 02:56 AM (7 أشهر منذ) |
|---|
| الاعتدال | 21/09/2025 11:40 AM (6 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 325161 [Tenda AC23 حتى 16.03.07.52 HTTP POST Request /goform/SetPptpServerCfg sscanf startIp تلف الذاكرة] |
|---|
| النقاط | 20 |
|---|