Null Pointer Dereference in Tenda AC Series Allows Remote Exploit
A vulnerability exists in Tenda routers, including models AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500, and AC1206, up to version 20241022. It is considered problematic. The vulnerability affects the websReadEvent function in the /goform/GetIPTV file. Altering the Content-Length argument can cause a null pointer dereference. This attack can be launched remotely. The exploit is publicly available and can be used.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
tenda ac15 firmware 15.03.05.18 |
||
tenda ac15 firmware 15.03.05.19 |
||
tenda ac7 firmware 15.03.06.44 |
||
tenda ac10u firmware 15.03.06.48 |
||
tenda ac10u firmware 15.03.06.49 |
||
tenda ac500 firmware 1.0.0.14 |
||
tenda ac500 firmware 1.0.0.16 |
||
tenda ac500 firmware 2.0.1.9(1307) |
||
tenda ac18 firmware 15.03.05.05 |
||
tenda ac18 firmware 15.03.05.19(6318) |
||
tenda ac9 firmware 15.03.2.13 |
||
tenda ac9 firmware 15.03.05.14 |
||
tenda ac9 firmware 15.03.05.19(6318) |
||
tenda ac9 firmware 15.03.06.42 |
||
tenda ac1206 firmware 15.03.06.23 |
||
tenda ac6 firmware 15.03.06.23 |
||
tenda ac10 firmware 16.03.10.13 |
||
tenda ac10 firmware 16.03.10.20 |
||
tenda ac10 firmware 16.03.48.19 |
||
tenda ac10 firmware 16.03.48.23 |
||
tenda ac8 firmware 16.03.34.06 |
||
tenda ac8 firmware 16.03.34.09 |
Vulmon