Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromVirtualSer function.
An attacker sends a crafted network request containing an excessively long value of the 'page' parameter passed to the fromVirtualSer function in the device firmware. Lack of proper input length validation causes a stack buffer overflow (CWE-125), which allows overwriting critical memory areas. The attack requires no authentication or user interaction and can be conducted remotely over the network.
Successful exploitation of the vulnerability may allow an attacker to take full control of the device, including arbitrary code execution (RCE), as well as breach of confidentiality, integrity and availability of the system.
Patches available from the manufacturer should be applied according to references. It is also recommended to restrict access to the device management interface only to trusted networks and to disable remote access to the admin panel if not required.
Tenda W30E firmware version v1.0 V1.0.1.25(633)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTenda W30e
HWTendawszystkie wersjeTenda W30e Firmware
OSTenda1.0.1.25\(633\)
Related vulnerabilities
Command injection w Tenda W30E via parametr usbPartitionName
Tenda W30E V2 — predefiniowane domyślne hasło w firmware umożliwia nieautoryzowany dostęp
Brak ograniczenia prób logowania w Tenda W30E — atak brute-force
Tenda W30E — stack overflow w funkcji UploadCfg (parametr v17)
Command injection w routerze Tenda W30E poprzez funkcję setFixTools