CVE-2022-38564 Tenda M3 V1.0.0.12 had a buffer overflow vulnerability in the function formSetPicListItem.

A remote attacker can inject malicious code into the function and can cause a DoS condition on the targeted device.

Tenda M3 V1.0.0.12(4856) has a critical flaw in the formPICLIST_IMAGE_HANDLER function. An attacker can exploit this vulnerability to cause a DoS condition on the targeted device.

Tenda M3 V1.0.0.12(4856) HTTP Referer

Remote Code Execution
Tenda M3 V1.0.0.12(4856) has a critical flaw in the function PICLIST_IMAGE_HANDLER that can be exploited to cause a DoS condition on the targeted device. An attacker can exploit this vulnerability by injecting malicious code into the function and causing a DoS condition on the targeted device.

Tent M3 V1.0.0.12(4856) DoS vuln

Tenda M3 V1.0.0.12(4856) has a critical flaw in the functionPICLIST_IMAGE_HANDLER, which can be exploited to cause a DoS condition on the targeted device. This vulnerability is CVE-2022-38564.
The vulnerability exists because the attacker can inject malicious code into the function and cause a DoS condition on the targeted device.

Tenda M3 V1.0.0.12(4856) Software Walk-Through:

In the function PICLIST_IMAGE_HANDLER, "count" is used as a loop counter. The number of loops should not exceed 65535, but in this case, it exceeds that value. This can cause a DoS condition on the targeted device.

Tenda M3 V1.0.0.12(4856) hardware details##

A remote attacker can inject malicious code into the function and can cause a DoS condition on the targeted device.

Tenda M3 V1.0.0.12(4856) HTTP Referer Flaw

A remote attacker can exploit it to cause the HTTP referer field in requests to be spoofed.

Timeline

Published on: 08/28/2022 17:15:00 UTC
Last modified on: 09/01/2022 14:45:00 UTC

References

• https://github.com/xxy1126/Vuln/tree/main/Tenda%20M3/formSetPicListItem
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38564