Invia #726360: Tenda Tenda AC20 V16.03.08.12 Buffer Overflowinformazioni

TitoloTenda Tenda AC20 V16.03.08.12 Buffer Overflow
DescrizioneA buffer overflow vulnerability was discovered on the latest version of the Tengda AC20 router, V16.03.08.12, where an attacker sent a carefully constructed http post packet to the request path /goform/PowerSaveSettriggered, resulting in a denial of service attack or even RCE, specifically through the function sscanf(s, "%[^:]:%[^-]-%[^:]:%s", v7, v8, v9, v10); implemented, because there is no boundary check on the s
Fonte⚠️ https://github.com/xyh4ck/iot_poc/tree/main/Tenda%20AC20_Buffer_Overflow
Utente
 xuanyu (UID 36103)
Sottomissione30/12/2025 06:49 (6 mesi fa)
Moderazione30/12/2025 08:25 (2 hours later)
StatoAccettato
Voce VulDB338742 [Tenda AC20 fino a 16.03.08.12 /goform/PowerSaveSet sscanf powerSavingEn/time/powerSaveDelay/ledCloseType buffer overflow]
Punti20

Do you need the next level of professionalism?

Upgrade your account now!