
CVE-2022-41484: Bug-Report/tplink-AC1900 .md at main · Davidteeri/Bug-Report

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x32384 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.


Vulnerability Report

Vendor: TP-Link

Product: AC1900 Wireless Gigabit Access Point

Version: AP500(US)_V1_180320(Beta) (Download link: https://www.tp-link.com/us/support/download/ap500/#Firmware)

Type: Buffer Overflow

Vulnerability description

We found a buffer overflow vulnerability in the AC1900 with recently released firmware, which allows remote attackers to destroy the execution memory with a crafted request. This can cause a denial of service or impact code execution.

Remote Command Execution

In wl binary:

There is a stack overflow vulnerability caused by strncpy. Details as follows:

In function 0x32384, the length of _nptr_00 is not limited.

The buffer size of the destination (acStack88) is 32 bytes.

If the length of _nptr_00 is greater than 40 bytes, it will cause a stack overflow.
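The copy described above, shown with a bounded replacement that refuses oversized input. This is an added example, not code from the report or the firmware: the commented strncpy call is an assumed shape of the flaw (the decompiled function is not on the page), and copy_field_checked, handle_param and FIELD_BUF_SIZE are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_BUF_SIZE 32   /* destination size given in the report (acStack88) */

/* Assumed shape of the flawed copy (the decompiled code is not on the page):
 *
 *     char acStack88[32];
 *     strncpy(acStack88, nptr, strlen(nptr));
 *
 * The count comes from the source, so strncpy bounds nothing and the
 * terminator is never copied. */

/* Hardened copy: returns 0 on success, -1 when src is NULL or does not fit
 * in dst together with its NUL terminator. Oversized input is rejected
 * instead of truncated, so a cut-off value is never acted on. */
int copy_field_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';                       /* dst is a valid string on every path */
    if (src == NULL)
        return -1;
    /* Look for the terminator within the first dst_size bytes only. */
    const char *end = memchr(src, '\0', dst_size);
    if (end == NULL)
        return -1;                       /* src needs more than dst_size bytes */
    memcpy(dst, src, (size_t)(end - src) + 1);
    return 0;
}

/* Hypothetical request handler: stores one parameter in a 32-byte stack
 * buffer and returns its length, or -1 if the request must be refused. */
int handle_param(const char *value)
{
    char field[FIELD_BUF_SIZE];
    if (copy_field_checked(field, sizeof field, value) != 0)
        return -1;
    return (int)strlen(field);
}

int main(void)
{
    char oversized[42];                  /* constructed input: 41 bytes + NUL */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    printf("short: %d, oversized: %d\n", handle_param("wl0.1"), handle_param(oversized));
    return 0;
}
```

Rejecting the request on a -1 return, rather than truncating, keeps the handler from acting on a partial value.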
