Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
The vulnerability classified as CWE-121 (stack-based buffer overflow) consists in the fact that the UploadCfg function incorrectly handles the value of parameter v17 — it does not verify its length before writing it to the stack buffer. An attacker can send a specially crafted network request containing an excessively long parameter value, which leads to stack buffer overflow. The result is device instability and unavailability (DoS).
An attacker can remotely cause a device crash (DoS), resulting in interruption of its operation and loss of access to the network served by the router. Due to the CVSS vector (no required authentication, network as attack vector), the attack can be performed by any person with network access to the device.
Apply patches available from the manufacturer according to the references. Until the update is deployed, it is recommended to restrict access to the device management interface to trusted IP addresses only and isolate the device from untrusted network segments.
Tenda W30E Firmware version V16.01.0.19 (5037)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTenda W30e
HWTendawszystkie wersjeTenda W30e Firmware
OSTenda≤ 16.01.0.19\(5037\)
Related vulnerabilities
Command injection w Tenda W30E via parametr usbPartitionName
Tenda W30E V2 — predefiniowane domyślne hasło w firmware umożliwia nieautoryzowany dostęp
Brak ograniczenia prób logowania w Tenda W30E — atak brute-force
Stack overflow w Tenda W30E przez parametr 'page' w funkcji fromVirtualSer
Command injection w routerze Tenda W30E poprzez funkcję setFixTools