Invia #563557: Shenzhen Tenda Technology Co.,Ltd. AC1206 <=V15.03.06.23 Buffer Overflowinformazioni

TitoloShenzhen Tenda Technology Co.,Ltd. AC1206 <=V15.03.06.23 Buffer Overflow
DescrizioneTenda AC1206 V15.03.06.23 firmware has a buffer overflow vulnerability in the formSetCfm function, function sprintf(mib_name, "%s.list%d", list_name, counta); The funcpara1 string content is copied to the target region without bounds checking, causing the buffer to overflow and overwrite the memory area behind the array, which may cause the program to crash or even remote code execution, triggering this security vulnerability.
Fonte⚠️ https://github.com/CH13hh/tmp_store_cc/blob/main/AC1206/AC1206formSetCfm/formSetCfm.md
Utente
 CH13hh (UID 83683)
Sottomissione22/04/2025 11:57 (1 Anno fa)
Moderazione05/05/2025 14:22 (13 days later)
StatoAccettato
Voce VulDB307402 [Tenda AC1206 fino a 15.03.06.23 /goform/setcfm formSetCfm buffer overflow]
Punti20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!