Description
A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
VDB-282866 | Tenda AC6 SetOnlineDevName formSetDeviceName stack-based overflow
VDB-282866 | CTI Indicators (IOB, IOC, IOA)
Tenda AC6 V15.03.05.19 Buffer Overflow