| Title | Tenda M3 V1.0.0.13(4903) Heap-based Buffer Overflow |
|---|---|
| Description | The formSetInternetLanInfo handler in /bin/httpd calls formSetRemoteInternetLanInfo (under certain conditions) which is vulnerable to multiple heap overflows due to the complete absence of user input sanitization and bounds checking on parameters portIp, portMask, portGateWay, portDns, and portSecDns. The vulnerability is in the memcpy() calls with no bounds checking. The router must be configured with ac.workmode=master (default) for this vulnerability to be exploitable. Send a crafted POST request to the /goform/setInternetLanInfo endpoint to trigger the heap overflow in formSetRemoteInternetLanInfo. |
| Source | https://github.com/dwBruijn/CVEs/blob/main/Tenda/setRemoteInternetLanInfo.md |
| User | dwbruijn (UID 93926) |
| Submission | 28.12.2025 17:46 (3 months ago) |
| Moderation | 29.12.2025 09:01 (15 hours later) |
| Status | Accepted |
| VulDB Entry | 338630 [Tenda M3 1.0.0.13(4903) setInternetLanInfo formSetRemoteInternetLanInfo portIp/portMask/portGateWay/portDns/portSecDns memory corruption] |
| Points | 20 |