| Titel | Tenda AC1206 V15.03.06.23 NULL Pointer Dereference |
|---|
| Beschreibung | A vulnerability has been identified in Tenda AC1206 firmware version V15.03.06.23. The issue resides within the websReadEvent function, where the strlen function is invoked with a null pointer. This improper handling results in a segmentation fault due to the internal dereference of the null pointer. The vulnerability is exploitable remotely, and an exploit has been publicly disclosed, allowing potential attackers to leverage this flaw. |
|---|
| Quelle | ⚠️ https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md |
|---|
| Benutzer | minipython (UID 75988) |
|---|
| Einreichung | 18.10.2024 15:19 (vor 2 Jahren) |
|---|
| Moderieren | 23.10.2024 08:03 (5 days later) |
|---|
| Status | Duplikat |
|---|
| VulDB Eintrag | 281555 [Tenda AC6/AC7/AC8/AC9/AC10/AC10U/AC15/AC18/AC500/AC1206 bis 20241022 /goform/GetIPTV websReadEvent Content-Length Denial of Service] |
|---|
| Punkte | 0 |
|---|