Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit.
References
Link | Resource |
---|---|
https://hackmd.io/BhzJ4H20TjqKUiBrDOIKaw | Exploit Third Party Advisory |
https://hackmd.io/BhzJ4H20TjqKUiBrDOIKaw | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 05:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://hackmd.io/BhzJ4H20TjqKUiBrDOIKaw - Exploit, Third Party Advisory |
Information
Published : 2021-04-14 15:15
Updated : 2024-11-21 05:58
NVD link : CVE-2021-27706
Mitre link : CVE-2021-27706
CVE.ORG link : CVE-2021-27706
JSON object : View
Products Affected
tenda
- g1_firmware
- g3_firmware
- g1
- g3
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')