Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed

Permalink CVE-2026-2872

8.8 HIGH

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
4 packages
- winbox4
- jitsi-videobridge
- rocmPackages.hiprt
- tests.testers.runCommand.bork
1 month ago
@LeSuisse dismissed 1 month ago

Tenda A21 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

References

VDB-347109 | Tenda A21 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow vdb-entry technical-description
VDB-347109 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
Submit #754634 | Tenda A21 V1.0.0.0 Stack-based Buffer Overflow third-party-advisory
https://github.com/QIU-DIE/cve-nneeww/issues/3 issue-tracking exploit
https://www.tenda.com.cn/ product

Affected products

A21

==1.0.0.0

Ignored packages (4)

pkgs.winbox4

Graphical configuration utility for RouterOS-based devices

pkgs.jitsi-videobridge

WebRTC compatible video router

nixos-unstable videobridge2-2.3-249-g9a2123ad4
- nixpkgs-unstable videobridge2-2.3-249-g9a2123ad4
- nixos-unstable-small videobridge2-2.3-249-g9a2123ad4
nixos-25.11 videobridge2-2.3-249-g9a2123ad4
- nixos-25.11-small videobridge2-2.3-249-g9a2123ad4
- nixpkgs-25.11-darwin videobridge2-2.3-249-g9a2123ad4

pkgs.rocmPackages.hiprt

Ray tracing library for HIP

nixos-25.11 2.5.a21e075.3
- nixos-25.11-small 2.5.a21e075.3
- nixpkgs-25.11-darwin 2.5.a21e075.3

pkgs.tests.testers.runCommand.bork

None

nixos-unstable 4a214gc26j22
- nixpkgs-unstable 4a214gc26j22
- nixos-unstable-small 4a214gc26j22

Not present in nixpkgs