PT-2021-17603 · Tenda · Tenda G3+2

Jinwen Zhou

Published

2021-04-15

Updated

2022-07-12

CVE-2021-27691

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Tenda G0 routers versions v15.11.0.5(5876) CN through v15.11.0.6(9039) CN Tenda G1 and G3 routers versions v15.11.0.16(9024) CN through v15.11.0.17(9502) CN

Description: The issue allows remote attackers to execute arbitrary OS commands via a crafted "action/setDebugCfg" request. This occurs because the formSetDebugCfg function executes glibc's system function with untrusted input.

Recommendations: For Tenda G0 routers versions v15.11.0.5(5876) CN through v15.11.0.6(9039) CN, consider disabling the formSetDebugCfg function until a patch is available. For Tenda G1 and G3 routers versions v15.11.0.16(9024) CN through v15.11.0.17(9502) CN, restrict access to the "action/setDebugCfg" request to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-78

Related Identifiers

CVE-2021-27691

Affected Products

Tenda G0

Tenda G1

Tenda G3

PT-2021-17603 · Tenda · Tenda G3+2

CVE-2021-27691

Weakness Enumeration

Related Identifiers

Affected Products

References · 4