3 matches found
CVE-2021-21749
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code...
CVE-2021-21749
ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code...
CVE-2021-21749
CVE-2021-21749 affects the ZTE MF971R web application (STK_PROCESS API). TALOS-2021-1321 describes a post-auth, stack-based buffer overflow in STK_PROCESS, where an attacker controls stk_content and stk_encode_type, leading to a vulnerable memcpy into a local buffer and remote code execution. The...