漏洞标题
腾达TX9 SetVirtualServerCfg子程序_42CB94基于栈的溢出
漏洞描述信息
在Tenda TX9 22.03.02.10中发现了一个被列为关键的漏洞。此漏洞影响文件/goform/SetVirtualServerCfg中的函数sub_42CB94。操纵参数列表会导致栈溢出。远程发起攻击是可能的。该漏洞已经被公开披露,可能被利用。与该漏洞关联的标识符是VDB-261855。注意:供应商在此次披露早期就被联系,但未以任何方式回复。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
漏洞类别
跨界内存写
漏洞标题
Tenda TX9 SetVirtualServerCfg sub_42CB94 stack-based overflow
漏洞描述信息
A vulnerability classified as critical has been found in Tenda TX9 22.03.02.10. This affects the function sub_42CB94 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
栈缓冲区溢出
漏洞标题
Tenda TX9 安全漏洞
漏洞描述信息
Tenda TX9 Pro是中国腾达(Tenda)公司的一款双频 Wi-Fi 6 路由器。 Tenda TX9 22.03.02.10 版本存在安全漏洞,该漏洞源于 /goform/SetVirtualServerCfg 文件的 sub_42CB94 方法的 list 参数存在缓冲区溢出漏洞。
CVSS信息
N/A
漏洞类别
其他