| 제목 | Tenda M3 V1.0.0.13(4903) Heap-based Buffer Overflow |
|---|
| 설명 | The formSetInternetLanInfo handler in /bin/httpd calls formSetRemoteInternetLanInfo (under certain conditions) which is vulnerable to multiple heap overflows due to the complete absence of user input sanitization and bounds checking on parameters portIp, portMask, portGateWay, portDns, and portSecDns.
The vulnerability is in the memcpy() calls with no bounds checking.
The router must be configured with ac.workmode=master (default) for this vulnerability to be exploitable.
Send a crafted POST request to the /goform/setInternetLanInfo endpoint to trigger the heap overflow in formSetRemoteInternetLanInfo |
|---|
| 원천 | ⚠️ https://github.com/dwBruijn/CVEs/blob/main/Tenda/setRemoteInternetLanInfo.md |
|---|
| 사용자 | dwbruijn (UID 93926) |
|---|
| 제출 | 2025. 12. 28. PM 05:46 (3 개월 ago) |
|---|
| 모더레이션 | 2025. 12. 29. AM 09:01 (15 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 338630 [Tenda M3 1.0.0.13(4903) setInternetLanInfo formSetRemoteInternetLanInfo portIp/portMask/portGateWay/portDns/portSecDns 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|