Описание
A vulnerability was determined in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
- ExploitThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was determined in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
Уязвимость функций SetValue() и GetValue() (/goform/setDhcpConfig) микропрограммного обеспечения беспроводных точек доступа Tenda O3, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
8.8 High
CVSS3
9 Critical
CVSS2