Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid.
The vulnerability results from the lack of proper validation of input data length for the ssid parameter passed to the form_fast_setting_wifi_set function. An attacker can send a crafted network request to the device containing an excessively long value of the ssid parameter, which leads to a buffer overflow in memory. This results in potential overwriting of critical memory areas and the possibility of executing arbitrary code.
The attacker gains full control over the device, which includes violation of confidentiality, integrity, and system availability. Remote code execution (RCE) is possible with the privileges of the process handling the request.
Apply patches available from the manufacturer according to the references. If an update is not available, it is recommended to isolate the device from unauthorized network access, restrict access to the administrative interface to trusted hosts only, and consider replacing the device with a model that has active manufacturer support.
Tenda AC10 V1.0 with firmware version V15.03.06.23
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTenda Ac10
HWTenda1.0Tenda Ac10 Firmware
OSTenda15.03.06.23
Related vulnerabilities
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firm...
Buffer overflow w Tenda AC10 β RCE i DoS przez pole serviceName
Buffer Overflow w Tenda AC10 β handler formSetPPTPUserList
Buffer overflow w Tenda AC10 β podatnoΕΔ w funkcji AdvSetMacMtuWan (mac2)
Command injection w Tenda AC10 β zdalne wykonanie kodu przez formexeCommand