Описание
A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-15008
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_WH450/L7Prot/L7Prot.md
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_WH450/L7Prot/L7Prot.md#reproduce
- https://vuldb.com/?ctiid.337714
- https://vuldb.com/?id.337714
- https://vuldb.com/?submit.719317
- https://www.tenda.com.cn
Связанные уязвимости
A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
Уязвимость компонента HTTP Request Handler микропрограммного обеспечения маршрутизаторов Tenda WH450, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации