| 标题 | Tenda AC10U AC10U v1.0 Firmware V15.03.06.48、AC10U v1.0 Firmware V15.03.06.49 Buffer Overflow |
|---|
| 描述 | In the Tenda AC10U v1.0 Firmware V15.03.06.48、AC10U v1.0 Firmware V15.03.06.49 firmware has a buffer overflow vulnerability in the formSetPPTPUserList function. The Var variable receives the list parameter from a POST request and is later passed to the strcpy function. However, since the Since user can control the input of list, the statemeant v4 = strcpy(Var, "~"); can cause a buffer overflow. |
|---|
| 来源 | ⚠️ https://www.notion.so/Tenda-AC10U-setPptpUserList-2d753a41781f80e8ba6bc37ba6100343?pvs=73 |
|---|
| 用户 | yhryhryhr_miemie (UID 65492) |
|---|
| 提交 | 2025-12-28 10時19分 (6 月前) |
|---|
| 管理 | 2025-12-28 14時20分 (4 hours later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 338600 [Tenda AC10U 15.03.06.48/15.03.06.49 HTTP POST Request /goform/setPptpUserList formSetPPTPUserList list 内存损坏] |
|---|
| 积分 | 17 |
|---|