This vulnerability lies in the /VirtualSer page on the latest version of Tenda 4G300.
- Binary Path: /cpio-root/bin/httpd
- Entry Url: /VirtualSer
- Affected Versions
- Tenda 4G300 V1.01.42
There is a stack-based buffer overflow vulnerability in page VirtualSer. An attacker can set page field in requests to launch a denial-of-service or remote-code-execution attack.
In function FUN_0042e914 it reads user provided parameter page into uVar2, this variable is passed into function sprintf without any length check, which may overflow the stack-based buffer acStack_110.