The vulnerability can be exploited when the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 application is accessed by a user. A successful exploit could allow attackers to cause a Denial of Service (DoS) condition by causing the 0x47de1c function to crash. Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 is vulnerable on Windows. The 0x47de1c function exists in the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 application and allows users to view detailed information about the current connection.

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 Microsoft Word Object Library Vulnerability

Logs are automatically generated during the vulnerability process.

Vulnerability Exploitation Tutorial

The following steps will use a Windows 10 system with the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 application installed:
1) Download and install the vulnerable application from the official website (https://www.tenda.com/support/download/).
2) Open the vulnerable application and view detailed information about your current connection (192,168,1,5,10).
3) Connect to the vulnerable application and attempt to exploit CVE-2022-41481.
4) The vulnerability was successfully exploited and a Denial of Service condition was created when 0x47de1c function crashed.

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 Vulnerability Description

A vulnerability has been identified in Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01, an application that runs on Windows. The vulnerability is caused due to insufficient input validation when the 0x47de1c function is called by a user. An exploit of this vulnerability could allow attackers to cause a Denial of Service (DoS) condition by causing the 0x47de1c function to crash.
The vulnerability can be exploited when the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 application is accessed by a user who currently has an active connection with the device running the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 app and executes a crafted packet with high priority inbound traffic on port 53/tcp, resulting in 0×47de1c crashing, which would lead to a Denial of Service (DoS) condition by causing the device running the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.52 application to crash after it received and processed a crafted packet with high priority outbound traffic on port 53/tcp, resulting in 0x047de1c crashing again and repeating indefinitely until restarted or power cycled from

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01: How to check if you’re affected

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 is an application that allows users to view detailed information about the current connection. The 0x47de1c function exists in the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 application and allows users to view detailed information about the current connection when accessed by a user, leaving it vulnerable to a Denial of Service (DoS) condition if exploited by an attacker.
The vulnerability can be exploited when the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 application is accessed by a user with administrative privileges using Microsoft Windows operating systems and allowed system calls on the target machine being used as a vector for exploitation of this vulnerability without authentication or authorization requiring no user interaction within the affected software applications for successful exploitation.

Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 0x47de1c Denial of Service PoC

In order to exploit the vulnerability, you need to know the 0x47de1c function. If you know the address of that function, you can send a specially crafted packet to crash it and cause DoS conditions. This PoC will crash the application because the 0x47de1c function always returns a negative value.

How To Outsource Your Marketing Strategy

Timeline

Published on: 10/13/2022 19:15:00 UTC
Last modified on: 10/18/2022 17:16:00 UTC

References