
CVE-2023-33671: Tenda-CVE/README.md at main · DDizzzy79/Tenda-CVE

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.


Vulnerability Description

A stack-based overflow vulnerability that can be triggered via the saveParentControlInfo function in the /bin/httpd file.

Affected version:

US_AC8V4.0si_V16.03.34.06

To download the firmware: https://www.tenda.com.cn/download/detail-3518.html

Exploitation details:

This is a buffer overflow in the handling of the deviceId parameter within the saveParentControlInfo function. Upon receiving a POST request containing the deviceId parameter, the function allocates a stack buffer (var310) and then uses strcpy to copy the string from the deviceId parameter into it. Since there is no restriction on input length, a string longer than the var310 buffer overflows the stack. An attacker could exploit this vulnerability to execute arbitrary code on the target system.

call-chain: saveParentControlInfo -> saveParentControlInfo
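The unbounded strcpy described above, next to a bounded replacement that rejects oversize input instead of truncating it. This is an added example, not code from the firmware or from the original README; the names `save_device_id_unsafe` and `copy_device_id`, the 32-byte buffer size and the character allow-list are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define DEVICE_ID_BUF 32  /* assumed size; the page does not give the real one */

enum { COPY_OK = 0, COPY_MISSING = -1, COPY_TOO_LONG = -2, COPY_BAD_CHAR = -3 };

/* The pattern the page describes: nothing ties the copy to the size of buf. */
void save_device_id_unsafe(const char *device_id)
{
    char buf[DEVICE_ID_BUF];
    strcpy(buf, device_id);  /* writes past buf once the input reaches 32 characters */
    (void)buf;
}

/* Bounded copy that rejects rather than truncates, so an oversize value is
 * never stored in a shortened form. dst is left empty on every failure. */
int copy_device_id(char *dst, size_t dst_size, const char *src)
{
    size_t len;

    if (dst == NULL || dst_size == 0)
        return COPY_MISSING;
    dst[0] = '\0';
    if (src == NULL || src[0] == '\0')
        return COPY_MISSING;

    /* Scan at most dst_size bytes of input; never walk an unbounded string. */
    for (len = 0; len < dst_size && src[len] != '\0'; len++) {
        /* Assumed allow-list (hex digits, ':' and '-'); adjust to the real format. */
        if (!isxdigit((unsigned char)src[len]) && src[len] != ':' && src[len] != '-')
            return COPY_BAD_CHAR;
    }
    if (len >= dst_size)  /* no room left for the terminating NUL */
        return COPY_TOO_LONG;

    memcpy(dst, src, len + 1);
    return COPY_OK;
}

int main(void)
{
    char id[DEVICE_ID_BUF];
    const char *sample = "aa:bb:cc:dd:ee:ff";  /* constructed input */
    printf("%d %s\n", copy_device_id(id, sizeof id, sample), id);
    return 0;
}
```

A request handler would return an error response on any non-zero status rather than continue with a partial value.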

Result

This resulted in a crash of the program. Verified locally; the core dump is in the same directory.

PoC:

In Additional information
