CVE-2023-27012: Tenda/5.md at main · DrizzlingSun/Tenda

Tenda AC10 Unauthorized stack overflow vulnerability

****1. Affected version:****

US_AC10V4.0si_V16.03.10.13_cn

****2. Firmware download address****

资料下载_腾达(Tenda)官方网站

****3. Vulnerability details****

The function “setSchedWifi” contains a stack-based buffer overflow vulnerability. In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check, which may lead to overflow of the stack-based buffer. As a result, by requesting the page, an attacker can easily execute a denial of service attack or remote code execution with carefully crafted overflow data.

****4. Recurring vulnerabilities and POC****

Due to legal and policy reasons, we are unable to provide the exploit for this vulnerability at this time.

5. Author

Drizzling_Sun @KRlab