#VU88555 Out-of-bounds write in AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router - CVE-2023-41560

Cybersecurity Help s.r.o.

Published: 2024-04-16

Vulnerability identifier: #VU88555

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-41560

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router
Hardware solutions / Routers for home users

Vendor: Shenzhen Tenda Technology Co.,Ltd.

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router: 15.03.06.42

External links
https://github.com/peris-navince/founded-0-days/blob/main/formSetFirewallCfg/1.md

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Sterling Order Management