Stack Overflow Vulnerability in Tenda AC21 Router Firmware

CVE-2023-24333

Summary

A stack overflow vulnerability has been identified in the Tenda AC21 router, specifically in the firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01. This vulnerability allows attackers to exploit the device by sending specially crafted POST requests to the /goform/openSchedWifi endpoint. Successful exploitation can lead to unauthorized execution of arbitrary commands on the affected router, potentially compromising the integrity and security of the entire network. Users are urged to implement immediate mitigation steps to safeguard against potential attacks and protect sensitive data.

References