PT-2023-8325 · Tenda · Tenda M3

Gd@Hillstone

Publicado

2023-12-26

Atualizado

2023-12-30

CVE-2023-51091

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.12(4856)

Description The issue is related to a stack overflow via the R7WebsSecurityHandler function, which can allow a remote attacker to execute arbitrary code. This is due to a buffer overflow vulnerability in the memory.

Recommendations For Tenda M3 version 1.0.0.12(4856), consider disabling the R7WebsSecurityHandler function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

BDU:2024-00439

CVE-2023-51091

Produtos afetados

Tenda M3

PT-2023-8325 · Tenda · Tenda M3

CVE-2023-51091

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9