Headline
CVE-2023-2923: vul/1.md at main · GleamingEyes/vul
A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Tenda AC6 Unauthorized stack overflow vulnerability
1.Affected version
US_AC6V1.0BR_V15.03.05.19
2.Firmware download address
资料下载_腾达(Tenda)官方网站
3.Vulnerability details
The function “fromDhcpListClient” is vulnerable to a stack-based buffer overflow. When this function reads in a parameter supplied by the user, it passes the variable to the function without performing any length check, which means that the stack-based buffer could be overflowed. This vulnerability could allow an attacker to easily execute a denial-of-service attack or remote code execution with carefully crafted overflow data by accessing the page. To secure the system, input parameters should be strictly checked and filtered for length to prevent such vulnerabilities from occurring.
4.Recurring vulnerabilities and POC
Due to legal and policy restrictions, we cannot provide the attack exploit code for this vulnerability at the moment.
5.Author
田文奇