exploitDog

CVE-2025-28221

Опубликовано: 28 мар. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request.

Ссылки

https://github.com/IdaJea/IOT_vuln_1/blob/master/w6_s_v1.0.0.4/time.pdf
Broken Link

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tenda:w6-s_firmware:1.0.0.4\(510\):*:*:*:*:*:*:*

cpe:2.3:h:tenda:w6-s:-:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00603

Низкий

7.5 High

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-rq3r-6rf7-m7m9

CVSS3: 7.5

github

11 месяцев назад

Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request.

EPSS

Процентиль: 69%

0.00603

Низкий

7.5 High

CVSS3

Дефекты

CWE-120