CVE-2021-40546 - OpenCVE

Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Tenda	Ac6 Ac6 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tenda:ac6_firmware:02.03.01.26:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac6:4.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/doudoudedi/buffer_overflow/blob/main/Tenda%20AC6%20V4.0-Denial%20of%20Service%20Vulnerability.md	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-09-05T00:00:00

Updated: 2023-09-05T18:39:24.445404

Reserved: 2021-09-07T00:00:00

Link: CVE-2021-40546

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-09-05T19:15:48.523

Modified: 2023-09-07T19:37:58.750

Link: CVE-2021-40546

JSON object: View

Redhat Information

No data.

CWE

CWE-404