CVE-2021-42659

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 24-05-2022 02:15

Last modified: - 02-06-2022 07:39

Total changes: - 2

Description

There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Low

Attack complexity

Adjacent

Attack vector

High

Availability

None

Confidentiality

None

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

6.5

Base score

2.8

3.6

Exploitability score

Impact score

Verification logic

AND

vendor=tenda AND product=ac9_firmware AND version=15.03.05.19\(6318\)

vendor=tenda AND product=ac9 AND version=1.0

AND

vendor=tenda AND product=ac9_firmware AND version=15.03.06.42_multi

vendor=tenda AND product=ac9 AND version=3.0

Reference

Keywords

CVE-2021-42659

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-42659

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures