PT-2021-17608 · Tenda · Tenda G3+1

Jinwen Zhou

Published

2021-04-14

Updated

2021-04-20

CVE-2021-27705

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Tenda G1 and G3 routers version v15.11.0.17(9502) CN

Description: A buffer overflow issue allows remote attackers to execute arbitrary code via a crafted action/"qosIndex " request. This occurs because the formQOSRuleDel function directly passes the parameter qosIndex to strcpy without limit.

Recommendations: For Tenda G1 and G3 routers version v15.11.0.17(9502) CN, as a temporary workaround, consider disabling the formQOSRuleDel function until a patch is available. Restrict access to the API endpoint that handles the "qosIndex" request to minimize the risk of exploitation. Avoid using the parameter qosIndex in the affected API endpoint until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-27705

Affected Products

Tenda G1

Tenda G3

PT-2021-17608 · Tenda · Tenda G3+1

CVE-2021-27705

Weakness Enumeration

Related Identifiers

Affected Products

References · 3