जमा करें #778317: Tenda W3 V1.0.0.4(3822)_EN Buffer Overflowजानकारी

शीर्षकTenda W3 V1.0.0.4(3822)_EN Buffer Overflow
विवरणA stack-based buffer overflow vulnerability exists in Tenda w3 V1.0.0.4(3822)_EN in the HTTP handler formSetCfm, exposed through the /goform/setcfm endpoint. The POST parameter funcpara1 is copied into a fixed-size stack buffer without bounds checking. An attacker can send a crafted request with an oversized funcpara1 value to corrupt stack memory, crashing the web management service and potentially enabling control‑flow hijacking. The issue is reachable from the router’s HTTP interface with a single POST request and does not require prior authentication in default configurations.
स्रोत⚠️ https://github.com/Svigo-o/Tenda_vul/tree/main/tenda-w3-v1.0.0.4(3822)_EN-setcfm-funcpara1-buffer-overflow
उपयोगकर्ता
 Svigo (UID 95964)
सबमिशन12/03/2026 04:09 AM (4 महीनों पहले)
संयम27/03/2026 03:19 PM (15 days later)
स्थितिप्रतिलिपि
VulDB प्रविष्टि350407 [Tenda W3 1.0.0.3(2204) HTTP /goform/setcfm formSetCfm funcpara1 बफ़र ओवरफ़्लो]
अंक0

Might our Artificial Intelligence support you?

Check our Alexa App!