CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2021-31755

CVSS 9.8v3.1pub. 2021-05-07upd. 2025-11-10

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Tenda Ac11

    HW
    Tenda
    wszystkie wersje
  • Tenda Ac11 Firmware

    OS
    Tenda
    ≤ 02.03.01.104_cn

CISA KEV — detailsi

Vendori
Tenda
Producti
AC11 Router
Added to KEVi
November 3, 2021
Remediation deadline (US Federal)i
November 17, 2021(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 17 listopada 2021
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2021-46321CRITICAL9.8ten sam produkt

Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasi...

CVE-2021-46263CRITICAL9.8ten sam produkt

Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime...

CVE-2021-46264CRITICAL9.8ten sam produkt

Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineLi...

CVE-2021-46265CRITICAL9.8ten sam produkt

Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasic...

CVE-2021-46262CRITICAL9.8ten sam produkt

Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE mo...