Описание
A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-8980
- https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Tenda/G1_Auth.md
- https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Tenda/G1_Inte.md
- https://vuldb.com/?ctiid.319976
- https://vuldb.com/?id.319976
- https://vuldb.com/?submit.628605
- https://vuldb.com/?submit.628606
- https://www.tenda.com.cn
Связанные уязвимости
A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Уязвимость функции check_upload_file микропрограммного обеспечения маршрутизаторов Tenda G1, позволяющая нарушителю выполнить произвольный код или вызывать отказ в обслуживании