Primary

Context

Tenda G3 Stack Overflow Vulnerability in formSetDebugCfg Function Allowing Denial-of-Service

Vulnerability

Patched

A stack overflow vulnerability has been identified in the Tenda G3 router, specifically in the firmware version G3V3.0br_V15.11.0.17. The issue arises in the formSetDebugCfg function, where user-provided parameters are passed to the sprintf function without proper length validation. This oversight allows remote attackers to craft HTTP POST requests that exploit the buffer overflow, leading to a denial-of-service condition or potentially allowing remote code execution.

Impact

Exploitation of this vulnerability causes a denial-of-service condition, with the potential for remote code execution.

Reproduction

The vulnerability can be reproduced by sending an HTTP POST request to the '/goform/setDebugCfg' endpoint with crafted parameters that overflow the stack-based buffer. This can be done using a Python script that includes the 'requests' library, where the 'enable' parameter is filled with a string of 'a' characters repeated 2000 times.

Added: Sep 9, 2025, 5:42 PM

Updated: Sep 9, 2025, 5:42 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.5

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.5

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda G3 Stack Overflow Vulnerability in formSetDebugCfg Function Allowing Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

Tenda G3

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating