POC详情: cf9d0b3c4296fb2a78b39ac342a58a6a7e3257bf

来源
https://github.com/Mohammaddvd/CVE-2023-33669
关联漏洞
标题: Tenda AC8 缓冲区错误漏洞 (CVE-2023-33669)
描述:Tenda AC8是中国腾达(Tenda)公司的一款无线路由器。 Tenda AC8V4.0-V16.03.34.06版本存在安全漏洞,该漏洞源于参数timeZone存在堆栈溢出问题。
描述
Stack-Overflow on TendaAC8
介绍
# CVE-2023-33669 Exploit

Exploit for a stack overflow vulnerability in the Tenda AC8 router, specifically targeting firmware version `US_AC8V4.0si_V16.03.34.06`.
[Official product page](https://www.tenda.com.cn/download/detail-3518.html).

## Emulation
You can put 'prepare.sh' file in root directory of firmware and execute it. Also for RCE you have to setup tftp server and put 'nc' file in `/tftpboot`.


https://github.com/user-attachments/assets/0eef4f92-074a-4b41-845c-5cfb18309409



This exploit is intended for educational purposes
文件快照

 [4.0K]  /data/pocs/cf9d0b3c4296fb2a78b39ac342a58a6a7e3257bf
├── [2.1K]  exploit_CVE-2023-33669.py
├── [174K]  nc
├── [ 121]  prepare.sh
└── [ 542]  README.md

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。