CVE-2023-33673: Tenda-CVE/README.md at main · DDizzzy79/Tenda-CVE

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.


Vulnerability Description

A stack-based buffer overflow can be triggered via the formSetFirewallCfg function in the /bin/httpd file of Tenda AC8V4.0-V16.03.34.06.

Affected version:

US_AC8V4.0si_V16.03.34.06

To download the firmware: https://www.tenda.com.cn/download/detail-3518.html

Exploitation details:

This is a buffer overflow vulnerability in the function formSetFirewallCfg which handles the firewallEn parameter. Upon receiving a POST request containing the firewallEn parameter, the function uses the strcpy function to copy the string from the firewallEn parameter into the var98 buffer. Since there is no input length restriction, if the input string’s length exceeds the size of the var98 buffer, a stack overflow will occur. An attacker could exploit this vulnerability to execute arbitrary code on the target system.

call chain: SetFirewallCfg->formSetFirewallCfg
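The unchecked copy described above, next to a bounded replacement, as an added example (not code from the firmware or from the original README). The buffer size `FIREWALL_EN_MAX` and the helper names `copy_param` and `set_firewall_cfg` are assumptions for illustration; the page does not give the real size of var98.

```c
#include <stddef.h>
#include <string.h>

#define FIREWALL_EN_MAX 8   /* assumed; the page does not give var98's size */

enum copy_status { COPY_OK = 0, COPY_BAD_ARG = -1, COPY_TOO_LONG = -2 };

/* Pattern the advisory describes, shown as a comment for contrast:
 *     char var98[N];
 *     strcpy(var98, firewallEn);   // copies until NUL, ignores N
 */

/* Bounded copy: look for the terminator within dst_size bytes only and
 * reject input that does not fit, rather than truncating it silently. */
static enum copy_status copy_param(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0 || src == NULL)
        return COPY_BAD_ARG;
    const char *end = memchr(src, '\0', dst_size);
    if (end == NULL)
        return COPY_TOO_LONG;            /* no NUL within the buffer size */
    memcpy(dst, src, (size_t)(end - src) + 1);
    return COPY_OK;
}

/* Hypothetical stand-in for the handler: validate before touching the stack buffer. */
static int set_firewall_cfg(const char *firewallEn, char *out, size_t out_size)
{
    char var98[FIREWALL_EN_MAX];
    enum copy_status st = copy_param(var98, sizeof var98, firewallEn);
    if (st != COPY_OK)
        return st;                       /* reject the request; nothing was written */
    return copy_param(out, out_size, var98);
}

int main(void)
{
    char out[FIREWALL_EN_MAX] = "";
    char oversized[64];                  /* constructed input, 63 'A' bytes */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    int ok = set_firewall_cfg("1", out, sizeof out) == COPY_OK
          && set_firewall_cfg(oversized, out, sizeof out) == COPY_TOO_LONG;
    return ok ? 0 : 1;
}
```

Rejecting the oversized parameter with an error, instead of truncating it, keeps a malformed request from being stored as a seemingly valid setting.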

Result

This resulted in a crash of the program. Verified locally; the core dump is in the same directory.

PoC :

In Additional information
