18 results (0.006 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4456). Affected by this vulnerability is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/fromDhcpSetSer.md https://vuldb.com/?ctiid.262135 https://vuldb.com/?id.262135 https://vuldb.com/?submit.319826 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in Tenda W9 1.0.0.7(4456). Affected is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formwrlSSIDset.md https://vuldb.com/?ctiid.262134 https://vuldb.com/?id.262134 https://vuldb.com/?submit.319825 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been rated as critical. This issue affects the function formwrlSSIDget of the file /goform/wifiSSIDget. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formwrlSSIDget.md https://vuldb.com/?ctiid.262133 https://vuldb.com/?id.262133 https://vuldb.com/?submit.319824 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been declared as critical. This vulnerability affects the function formQosManageDouble_auto. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formQosManageDouble_user.md https://vuldb.com/?ctiid.262132 https://vuldb.com/?id.262132 https://vuldb.com/?submit.319823 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. This affects the function formQosManageDouble_user. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W9/formQosManageDouble_auto.md https://vuldb.com/?ctiid.262131 https://vuldb.com/?id.262131 https://vuldb.com/?submit.319822 • CWE-121: Stack-based Buffer Overflow •