CVE-2022-35559 Information

Description

A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122) which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution.

Reference

https://github.com/ilovekeer/IOT/tree/main/Tenda/W6/stackoverflow/formSetAutoPing