Описание
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tenda:g1_firmware:v15.11.0.17\(9502\)_cn:*:*:*:*:*:*:*
cpe:2.3:h:tenda:g1:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:tenda:g3_firmware:v15.11.0.17\(9502\)_cn:*:*:*:*:*:*:*
cpe:2.3:h:tenda:g3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03106
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-120
Связанные уязвимости
github
больше 3 лет назад
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.
EPSS
Процентиль: 86%
0.03106
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-120