| Title | Tenda AC6v2 V15.03.06.23 NULL Pointer Dereference |
|---|
| Description | A vulnerability has been identified in Tenda AC6v2 firmware version V15.03.06.23. The issue resides within the websReadEvent function, where the strlen function is invoked with a null pointer. This improper handling results in a segmentation fault due to the internal dereference of the null pointer. The vulnerability is exploitable remotely, and an exploit has been publicly disclosed, allowing potential attackers to leverage this flaw. |
|---|
| Source | ⚠️ https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md |
|---|
| User | minipython (UID 75988) |
|---|
| Submission | 10/18/2024 15:19 (2 years ago) |
|---|
| Moderation | 10/23/2024 08:03 (5 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 281555 [Tenda AC6/AC7/AC8/AC9/AC10/AC10U/AC15/AC18/AC500/AC1206 up to 20241022 /goform/GetIPTV websReadEvent Content-Length null pointer dereference] |
|---|
| Points | 0 |
|---|