| Title | Tenda ac7 V15.03.06.44 Buffer Overflow |
|---|
| Description | The Tenda AC7 V15.03.06.44 was found to have a stack overflow vulnerability in the formSetFirewallCfg function. An attacker can obtain a stable root shell through a carefully constructed payload.
In the function, the (the value of ) we entered is directly copied into the array through the function.It is not secure, as long as the size of the data we enter is larger than the size of , it will cause a stack overflow.formSetFirewallCfgfirewall_valuefirewallEnfirewall_bufstrcpyfirewall_buf |
|---|
| Source | ⚠️ https://github.com/Raining-101/IOT_cve/blob/main/ac7_V15.03.06.44_SetFirewallCfg.md |
|---|
| User | Raining101 (UID 81770) |
|---|
| Submission | 02/22/2025 03:39 AM (1 Year ago) |
|---|
| Moderation | 03/02/2025 09:04 PM (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 298119 [Tenda AC7 up to 15.03.06.44 /goform/SetFirewallCfg formSetFirewallCfg firewallEn stack-based overflow] |
|---|
| Points | 20 |
|---|