Tenda CP6 Risky Cryptographic Vulnerability in Firmware Version 11.10.00.243
Vulnerability
A vulnerability exists in the Tenda CP6 router, specifically in firmware version 11.10.00.243. The issue arises in the 'uhttp' component, within the function 'sub_2B7D04'. During the firmware update process, this function applies an additive checksum for integrity verification. However, attackers can craft malicious firmware that mimics the checksum of legitimate updates, effectively bypassing the verification process. This flaw allows the installation of harmful firmware that could execute arbitrary code or cause a denial-of-service condition on the device.
Impact
Exploitation of this vulnerability could lead to the execution of arbitrary code on the affected device or cause a denial-of-service condition.
Reproduction
To reproduce this vulnerability, upload a firmware file that has been modified to include the same additive checksum as a legitimate update. This will bypass the integrity verification process and allow the malicious firmware to be installed on the device.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.