| タイトル | Tenda i3 V1.0.0.7(3856) Buffer Overflow |
|---|
| 説明 | A stack-based buffer overflow vulnerability exists in Tenda i3 V1.0.0.7(3856) in formWifiMacFilterSet, exposed via /goform/WifiMacFilterSet. The vulnerability is caused by unsafe processing of the POST parameter index, which is copied into a stack buffer without adequate bounds checking. A crafted request with a large index value may overwrite adjacent stack memory, causing the management service to crash and potentially allowing code execution. The issue is triggered through the HTTP POST parameter parsing logic of the MAC filter configuration handler. |
|---|
| ソース | ⚠️ https://github.com/Svigo-o/Tenda_vul/tree/main/tenda-i3-v1.0.0.7(3856)-formWifiMacFilterSet-index-buffer-overflow |
|---|
| ユーザー | m202572177 (UID 95972) |
|---|
| 送信 | 2026年03月12日 03:41 (28 日 ago) |
|---|
| モデレーション | 2026年03月27日 13:49 (15 days later) |
|---|
| ステータス | 重複 |
|---|
| VulDBエントリ | 349771 [Tenda i3 1.0.0.6(2204) /goform/WifiMacFilterSet formWifiMacFilterSet index メモリ破損] |
|---|
| ポイント | 0 |
|---|