A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution.
References
Link | Resource |
---|---|
https://github.com/ilovekeer/IOT/tree/main/Tenda/W6/stackoverflow/formSetAutoPing | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2022-08-12 08:15
Updated : 2022-08-16 07:52
NVD link : CVE-2022-35559
Mitre link : CVE-2022-35559
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
tenda
- w6
- w6_firmware