| 标题 | Tenda F451_kfw_V1.0.0.7_cn_svn7958 V1.0.0.7 Buffer Overflow |
|---|
| 描述 | We found an overflow vulnerability in httpd :
In fromSafeUrlFilter function,it reads in a user-provided parameter page and menufacturer.
If the value of menufacturer is empty, the variable v9 will be passed to the sprintf function without any length check, which may overflow the stack-based buffer s.
As a result, by requesting the page, an attacker can easily execute a denial of service attack or remote code execution. |
|---|
| 来源 | ⚠️ https://github.com/Jimi-Lab/cve/issues/17 |
|---|
| 用户 | Jxm666 (UID 96919) |
|---|
| 提交 | 2026-03-30 16時02分 (14 日前) |
|---|
| 管理 | 2026-04-12 09時22分 (13 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 356997 [Tenda F451 1.0.0.7_cn_svn7958 /goform/SafeUrlFilter fromSafeUrlFilter page 内存损坏] |
|---|
| 积分 | 20 |
|---|