| Название | Shenzhen Tenda Technology Co.,Ltd. AC1206 <=V15.03.06.23 Buffer Overflow |
|---|
| Описание | Tenda AC1206 V15.03.06.23 firmware has a buffer overflow vulnerability in the formSetCfm function, function sprintf(mib_name, "%s.list%d", list_name, counta); The funcpara1 string content is copied to the target region without bounds checking, causing the buffer to overflow and overwrite the memory area behind the array, which may cause the program to crash or even remote code execution, triggering this security vulnerability. |
|---|
| Источник | ⚠️ https://github.com/CH13hh/tmp_store_cc/blob/main/AC1206/AC1206formSetCfm/formSetCfm.md |
|---|
| Пользователь | CH13hh (UID 83683) |
|---|
| Представление | 22.04.2025 11:57 (12 месяцы назад) |
|---|
| Модерация | 05.05.2025 14:22 (13 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 307402 [Tenda AC1206 до 15.03.06.23 /goform/setcfm formSetCfm повреждение памяти] |
|---|
| Баллы | 20 |
|---|