Primary

Context

Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability in set_ws_action Function

Vulnerability

A critical heap-based buffer overflow vulnerability has been identified in the Tenda DAP-1520 access point, specifically in the firmware version 1.10B04_BETA02. The issue arises in the set_ws_action function within the file /dws/api/, where improper handling of input data allows for remote exploitation of the vulnerability.

Impact

Exploitation of this vulnerability leads to a heap-based buffer overflow, which can commonly result in arbitrary code execution or causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by sending an HTTP request to the /dws/api/ endpoint with a crafted payload that exceeds 20 bytes. This can be done using a Python script that utilizes the requests library to send the request. The payload should be carefully constructed to exploit the buffer overflow by overwriting adjacent memory locations on the heap.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability in set_ws_action Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating