Description
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-14447 | Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit. |
References
| Link | Providers |
|---|---|
| https://hackmd.io/Zb7lfFaNR0ScpaTssECFbg |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T21:26:10.726Z
Reserved: 2021-02-25T00:00:00.000Z
Link: CVE-2021-27705
No data.
Status : Modified
Published: 2021-04-14T15:15:13.970
Modified: 2026-06-17T03:45:21.953
Link: CVE-2021-27705
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
EUVD