Primary

Context

Tenda AC10 Buffer Overflow Vulnerability in AdvSetMacMtuWan

Vulnerability

A buffer overflow vulnerability has been identified in the Tenda AC10 router, specifically in the firmware version V4.0si_V16.03.10.20. The vulnerability arises in the AdvSetMacMtuWan function, where the serviceName2 key value can be manipulated to cause a stack overflow. This issue allows remote, unauthenticated attackers to execute arbitrary commands with root privileges.

Impact

Exploitation of this vulnerability leads to a stack overflow, causing a segmentation fault and potentially allowing for arbitrary code execution as root.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/AdvSetMacMtuWan' endpoint with the 'serviceName2' parameter set to a string of repeated characters, approximately 768 bytes in length. This can be done using a Python script that imports the requests library.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC10 Buffer Overflow Vulnerability in AdvSetMacMtuWan

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC10

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating