Описание
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field serverName) to /goform/AdvSetMacMtuWan.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00103
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 6.5
github
около 2 месяцев назад
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serverName`) to /goform/AdvSetMacMtuWan.
EPSS
Процентиль: 29%
0.00103
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-120