Dismissed
Permalink
CVE-2026-2191
7.2 HIGH
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @jopejoe1 Activity log
- Created automatic suggestion
- @jopejoe1 dismissed
Tenda AC9 formGetDdosDefenceList stack-based overflow
A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
References
- VDB-344894 | Tenda AC9 formGetDdosDefenceList stack-based overflow vdb-entry technical-description
- VDB-344894 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #749800 | Tenda AC9 v1.0/V3.0 V15.03.06.42_multi Stack-based Buffer Overflow third-party-advisory
- https://github.com/glkfc/IoT-Vulnerability/blob/main/Tenda/tenda3.md exploit
- https://www.tenda.com.cn/ product
- VDB-344894 | Tenda AC9 formGetDdosDefenceList stack-based overflow vdb-entry technical-description
- VDB-344894 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #749800 | Tenda AC9 v1.0/V3.0 V15.03.06.42_multi Stack-based Buffer Overflow third-party-advisory
- https://github.com/glkfc/IoT-Vulnerability/blob/main/Tenda/tenda3.md exploit
- https://www.tenda.com.cn/ product
Affected products
AC9
- ==15.03.06.42_multi
Matching in nixpkgs
pkgs.vimPlugins.nvim-treesitter-parsers.kconfig
Tree-sitter grammar for kconfig
-
nixos-unstable 0.0.0+rev=9ac99fe
- nixpkgs-unstable 0.0.0+rev=9ac99fe
- nixos-unstable-small 0.0.0+rev=9ac99fe