| Title | Tenda i9 V1.0.0.8(3828) NULL Pointer Dereference |
|---|
| Description | A vulnerability has been identified in Tenda I9 firmware version V1.0.0.8(3828). This issue affects the function websReadEvent of the file /goform/GetIPTV. Improper manipulation of the Content-Length leads to passing a null pointer to the strlen function, resulting in a null pointer dereference. This vulnerability can be exploited remotely, enabling potential attackers to take advantage of the flaw. |
|---|
| Source | ⚠️ https://github.com/xiaobor123/tenda-vul-i9 |
|---|
| User | xiaobor123 (UID 76914) |
|---|
| Submission | 11/18/2024 13:56 (1 Year ago) |
|---|
| Moderation | 11/24/2024 16:03 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 285971 [Tenda i9 1.0.0.8(3828) /goform/GetIPTV websReadEvent null pointer dereference] |
|---|
| Points | 19 |
|---|