CNNVD-202512-5468 Information
CNNVD ID
CNNVD-202512-5468
Related CVE
- CNNVD Published: 2025-12-30
Description (Chinese)
Tenda M3是中国腾达(Tenda)公司的一款门禁控制器。 Tenda M3 1.0.0.13版本存在安全漏洞,该漏洞源于对文件/goform/setAdInfoDetail中参数adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID的错误操作,可能导致堆缓冲区溢出。
Description (English)
Tenda M3 is a door-ban controller for Tenda, China. There is a security loophole in version Tenda M3.0.0.13, which stems from an error in the application of the parameter ad of /goform/setAdInfoDetailName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID, which may result in a spill over the buffer zone.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
腾达
Published
2025-12-30
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.338629 https://github.com/dwBruijn/CVEs/blob/main/Tenda/setAdInfoDetail.md https://vuldb.com/?submit.725495 https://vuldb.com/?id.338629 https://www.tenda.com.cn/
Share on: