Описание
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-15217
- https://lavender-bicycle-a5a.notion.site/Tenda-AC23-formSetPPTPUserList-2d753a41781f8091b772cf9e66a687f1
- https://lavender-bicycle-a5a.notion.site/Tenda-AC23-formSetPPTPUserList-2d753a41781f8091b772cf9e66a687f1?source=copy_link
- https://vuldb.com/?ctiid.338602
- https://vuldb.com/?id.338602
- https://vuldb.com/?submit.725448
- https://www.tenda.com.cn
Связанные уязвимости
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.
Уязвимость функции formSetPPTPUserList() микропрограммного обеспечения маршрутизаторов Tenda AC23, позволяющая нарушителю вызвать отказ в обслуживании