| tiêu đề | Tenda F451_kfw_V1.0.0.7_cn_svn7958 V1.0.0.7 Buffer Overflow |
|---|
| Mô tả | We found an overflow vulnerability in httpd :
In fromSafeUrlFilter function,it reads in a user-provided parameter page and menufacturer.
If the value of menufacturer is empty, the variable v9 will be passed to the sprintf function without any length check, which may overflow the stack-based buffer s.
As a result, by requesting the page, an attacker can easily execute a denial of service attack or remote code execution. |
|---|
| Nguồn | ⚠️ https://github.com/Jimi-Lab/cve/issues/17 |
|---|
| Người dùng | Jxm666 (UID 96919) |
|---|
| Đệ trình | 30/03/2026 16:02 (cách đây 15 ngày) |
|---|
| Kiểm duyệt | 12/04/2026 09:22 (13 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 356997 [Tenda F451 1.0.0.7_cn_svn7958 /goform/SafeUrlFilter fromSafeUrlFilter page tràn bộ đệm] |
|---|
| điểm | 20 |
|---|