提出 #726360: Tenda Tenda AC20 V16.03.08.12 Buffer Overflow情報

タイトルTenda Tenda AC20 V16.03.08.12 Buffer Overflow
説明A buffer overflow vulnerability was discovered on the latest version of the Tengda AC20 router, V16.03.08.12, where an attacker sent a carefully constructed http post packet to the request path /goform/PowerSaveSettriggered, resulting in a denial of service attack or even RCE, specifically through the function sscanf(s, "%[^:]:%[^-]-%[^:]:%s", v7, v8, v9, v10); implemented, because there is no boundary check on the s
ソース⚠️ https://github.com/xyh4ck/iot_poc/tree/main/Tenda%20AC20_Buffer_Overflow
ユーザー
 xuanyu (UID 36103)
送信2025年12月30日 06:49 (6 月 ago)
モデレーション2025年12月30日 08:25 (2 hours later)
ステータス承諾済み
VulDBエントリ338742 [Tenda AC20 迄 16.03.08.12 /goform/PowerSaveSet sscanf powerSavingEn/time/powerSaveDelay/ledCloseType メモリ破損]
ポイント20

Interested in the pricing of exploits?

See the underground prices here!