CVE-2021-31624

Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.

Published: Oct 29, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-31624
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 5.8
AV:A/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
tendacn / ac9_firmware	-	15.03.06.42_multi.x
tendacn / ac9_firmware	-	15.03.05.19\(6318\).x

http://tenda.com
https://github.com/Lyc-heng/routers/blob/main/routers/stack2.md

Vulnerability Database

290,020

CVE-2021-31624