| Название | Tenda M3 V1.0.0.13(4903) Heap-based Buffer Overflow |
|---|
| Описание | The formSetAdInfoDetail handler in /bin/httpd is vulnerable to multiple heap overflows due to the absence of user input sanitization and bounds checking on parameters adName, smsPassword, smsAccount, weixinAccount, weixinName, smsSignature, adRedirectUrl, adCopyRight, smsContent, and adItemUID.
The malloc() call allocates the heap block where the overflows take place and the memcpy() calls trigger the overflow of the allocated buffer.
Send a POST request to the /goform/setAdInfoDetail endpoint to trigger the heap overflow in formSetAdInfoDetails |
|---|
| Источник | ⚠️ https://github.com/dwBruijn/CVEs/blob/main/Tenda/setAdInfoDetail.md |
|---|
| Пользователь | dwbruijn (UID 93926) |
|---|
| Представление | 28.12.2025 17:40 (4 месяцы назад) |
|---|
| Модерация | 29.12.2025 09:01 (15 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 338629 [Tenda M3 1.0.0.13(4903) /goform/setAdInfoDetail formSetAdInfoDetails повреждение памяти] |
|---|
| Баллы | 20 |
|---|