PT-2023-8314 · Tenda · Tenda W9

Gd@Hillstone

Publicado

2023-12-26

Atualizado

2023-12-30

CVE-2023-51101

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Tenda W9 version 1.0.0.7(4456) CN

Description The issue is related to a stack overflow vulnerability in the formSetUplinkInfo function of the Tenda W9 wireless access point's firmware, allowing an attacker to execute arbitrary code remotely by exploiting the buffer overflow in memory.

Recommendations For Tenda W9 version 1.0.0.7(4456) CN, consider disabling the formSetUplinkInfo function as a temporary workaround until a patch is available.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

BDU:2024-00428

CVE-2023-51101

Produtos afetados

Tenda W9

PT-2023-8314 · Tenda · Tenda W9

CVE-2023-51101

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8