Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
References
Link | Resource |
---|---|
https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-07T00:00:00
Updated: 2023-11-07T14:50:19.518773
Reserved: 2023-11-06T00:00:00
Link: CVE-2023-47455
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-07T15:15:10.870
Modified: 2023-11-14T19:42:40.660
Link: CVE-2023-47455
JSON object: View
Redhat Information
No data.
CWE