69 matches found
Stack overflow
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function...
CVE-2022-25460
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function...
CVE-2022-25460
CVE-2022-25460 affects the Tenda AC6 router, specifically v15.03.05.09_multi. A stack overflow exists in the SetPptpServerCfg function that can be triggered via the endip parameter, potentially allowing arbitrary command execution. Several connected sources (CNVD/CNNVD/Red Hat entry) describe the...
CVE-2022-25461
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function...
CVE-2022-25461
CVE-2022-25461 concerns the Tenda AC6 router. The affected component is the SetPptpServerCfg function, where a stack overflow is triggered through the startip parameter in v15.03.05.09_multi. This condition can lead to arbitrary command execution as described in CNVD/CNVD-like and other CVE mirro...
Tenda AC6 缓冲区错误漏洞
The Tenda AC6 is a wireless router from the Chinese company Tenda. A stack overflow vulnerability exists in the Tenda AC6 SetPptpServerCfg function, which can be exploited by an attacker to cause arbitrary command execution...
Tenda AC6 缓冲区错误漏洞
The Tenda AC6 is a wireless router from the Chinese company Tenda. A stack overflow vulnerability exists in the Tenda AC6 SetPptpServerCfg function, which can be exploited by an attacker to cause arbitrary command execution...
CVE-2021-46394
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v13 variable is directly retrieved from the http request parameter startIp. Then v13 will be splice to stack by function sscanf without any security check, which causes stack...
CVE-2021-46393
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...