Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow.
The vulnerability exists in the setSchedWifi function handling the /goform/openSchedWifi endpoint in the device firmware. By manipulating the schedEndTime argument, an attacker can provide an excessively long value that exceeds the stack buffer size. This results in overwriting stack memory areas (CWE-787, CWE-120), which can allow arbitrary code execution on the device.
An unauthenticated attacker can remotely gain full control over the device, which includes breaching confidentiality, integrity, and availability of the system, as well as potentially gaining access to the network to which the router is connected.
Apply patches available from the manufacturer according to the references. As an immediate action to limit risk, it is recommended to restrict access to the device's administrative interface only to trusted IP addresses and disable remote management if not required.
Tenda AC8v4 with firmware version V16.03.34.06
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTenda Ac8
HWTenda4.0Tenda Ac8 Firmware
OSTenda16.03.34.06
Related vulnerabilities
Buffer Overflow w Tenda AC8 — funkcja fromSetRouteStatic
Tenda AC8V4 — stack-based buffer overflow w funkcji WifiExtraSet
Buffer overflow w Tenda AC8V4 — stack overflow w funkcji get_parentControl_list_Info
Tenda AC8V4 — stack overflow przez parametr shareSpeed (RCE)
Tenda AC8V4 — stack overflow w parametrze shareSpeed (RCE)