Submit #726360: Tenda Tenda AC20 V16.03.08.12 Buffer Overflowinfo

TitelTenda Tenda AC20 V16.03.08.12 Buffer Overflow
BeschreibungA buffer overflow vulnerability was discovered on the latest version of the Tengda AC20 router, V16.03.08.12, where an attacker sent a carefully constructed http post packet to the request path /goform/PowerSaveSettriggered, resulting in a denial of service attack or even RCE, specifically through the function sscanf(s, "%[^:]:%[^-]-%[^:]:%s", v7, v8, v9, v10); implemented, because there is no boundary check on the s
Quelle⚠️ https://github.com/xyh4ck/iot_poc/tree/main/Tenda%20AC20_Buffer_Overflow
Benutzer
 xuanyu (UID 36103)
Einreichung30.12.2025 06:49 (vor 6 Monaten)
Moderieren30.12.2025 08:25 (2 hours later)
StatusAkzeptiert
VulDB Eintrag338742 [Tenda AC20 bis 16.03.08.12 /goform/PowerSaveSet sscanf powerSavingEn/time/powerSaveDelay/ledCloseType Pufferüberlauf]
Punkte20

Do you want to use VulDB in your project?

Use the official API to access entries easily!