Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit.
References
Link | Resource |
---|---|
https://hackmd.io/U7OVgYIuRcOKV7SW5-euHw | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-14T15:00:05
Updated: 2021-04-14T15:00:05
Reserved: 2021-02-25T00:00:00
Link: CVE-2021-27707
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-14T15:15:14.440
Modified: 2021-04-20T21:43:18.270
Link: CVE-2021-27707
JSON object: View
Redhat Information
No data.
CWE