Описание
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tendacn:pa6_firmware:1.0.1.21:*:*:*:*:*:*:*
cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04409
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-787
Связанные уязвимости
github
больше 3 лет назад
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
EPSS
Процентиль: 89%
0.04409
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-787