| Название | Tenda AC9 v1.0/V3.0 V15.03.06.42_multi Stack-based Buffer Overflow |
|---|
| Описание | This vulnerability will cause the device's web service to continuously restart or fail to start, and it is difficult to restore factory settings. Even if the device is restarted, the vulnerability will still be triggered.
The `formGetDdosDefenceList` function has a stack overflow vulnerability.
The `security.ddos.map` configuration field has a stack overflow vulnerability.
An attacker can tamper with the value of `security.ddos.map` in the configuration file, turning it into an overly long string, which can cause a stack overflow and crash the web service. If the string is carefully constructed, it may lead to remote code execution. |
|---|
| Источник | ⚠️ https://github.com/glkfc/IoT-Vulnerability/blob/main/Tenda/tenda3.md |
|---|
| Пользователь | jfkk (UID 79868) |
|---|
| Представление | 31.01.2026 15:31 (3 месяцы назад) |
|---|
| Модерация | 07.02.2026 18:28 (7 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 344894 [Tenda AC9 15.03.06.42_multi formGetDdosDefenceList security.ddos.map повреждение памяти] |
|---|
| Баллы | 20 |
|---|