Описание
A vulnerability was determined in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/setNotUpgrade. This manipulation of the argument newVersion causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
A vulnerability was determined in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/setNotUpgrade. This manipulation of the argument newVersion causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-11586
- https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC7/setNotUpgrade.md
- https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC7/setNotUpgrade.md#exploit
- https://vuldb.com/?ctiid.327908
- https://vuldb.com/?id.327908
- https://vuldb.com/?submit.671597
- https://www.tenda.com.cn
Связанные уязвимости
A vulnerability was determined in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/setNotUpgrade. This manipulation of the argument newVersion causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Уязвимость функции SetValue() микропрограммного обеспечения маршрутизаторов Tenda AC7, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании