| 제목 | Tenda M3 V1.0.0.13(4903) Heap-based Buffer Overflow |
|---|
| 설명 | The formSetAdInfoDetail handler in /bin/httpd is vulnerable to multiple heap overflows due to the absence of user input sanitization and bounds checking on parameters adName, smsPassword, smsAccount, weixinAccount, weixinName, smsSignature, adRedirectUrl, adCopyRight, smsContent, and adItemUID.
The malloc() call allocates the heap block where the overflows take place and the memcpy() calls trigger the overflow of the allocated buffer.
Send a POST request to the /goform/setAdInfoDetail endpoint to trigger the heap overflow in formSetAdInfoDetails |
|---|
| 원천 | ⚠️ https://github.com/dwBruijn/CVEs/blob/main/Tenda/setAdInfoDetail.md |
|---|
| 사용자 | dwbruijn (UID 93926) |
|---|
| 제출 | 2025. 12. 28. PM 05:40 (3 개월 ago) |
|---|
| 모더레이션 | 2025. 12. 29. AM 09:01 (15 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 338629 [Tenda M3 1.0.0.13(4903) /goform/setAdInfoDetail formSetAdInfoDetails 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|