Page 7 of 40 results (0.004 seconds)

CVSS: 10.0EPSS: 94%CPEs: 6EXPL: 1

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Se ha descubierto un problema en dispositivos Tenda AC7 con firmware hasta la versión V15.03.06.44_CN(AC7), dispositivos AC9 devices con firmware hasta la versión V15.03.05.19(6318)_CN(AC9) y dispositivos AC10 con firmware hasta la versión V15.03.06.23_CN(AC10). Una vulnerabilidad de inyección de comandos permite que los atacantes ejecuten comandos arbitrarios del sistema operativo mediante una petición goform/setUsbUnload. • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-01/Tenda.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceList' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN y AC18 V15.03.05.19(6318)_CN. Es una vulnerabilidad de desbordamiento de búfer en el servidor web del router, httpd. • https://github.com/ZIllR0/Routers/blob/master/Tenda/stack1.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN y AC18 V15.03.05.19(6318)_CN. Es una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en el servidor web del router, httpd. • https://github.com/ZIllR0/Routers/blob/master/Tenda/heapoverflow1.md • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and 'endIp' parameters for a post request, each value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN y AC18 V15.03.05.19(6318)_CN. Es una vulnerabilidad de desbordamiento de búfer en el servidor web del router, httpd. • https://github.com/ZIllR0/Routers/blob/master/Tenda/stack3.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac' parameter for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN y AC18 V15.03.05.19(6318)_CN. Es una vulnerabilidad de desbordamiento de búfer en el servidor web del router, httpd. • https://github.com/ZIllR0/Routers/blob/master/Tenda/stack4.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •