There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.
References
Link | Resource |
---|---|
https://www.cnvd.org.cn/flaw/show/CNVD-2021-24948 | Third Party Advisory |
https://github.com/Lyc-heng/routers/blob/main/routers/stack4.md | Exploit Third Party Advisory |
Information
Published : 2022-05-24 05:15
Updated : 2022-07-12 10:42
NVD link : CVE-2021-42659
Mitre link : CVE-2021-42659
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
tenda
- ac9_firmware
- ac9