TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tp-link | tl-wdr7661_firmware | - |
| tp-link | tl-wdr7620_firmware | - |
| tp-link | tl-wdr5660_firmware | - |
| fastcom | fac1900r_firmware | 20190827_2.0.2 |
| tp-link | tl-wdr7660_firmware | 2.0.30 |
| mercusys | mercury_d196g_firmware | 20200109_2.0.4 |
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tp-link | tl-wdr7661_firmware | - |
| tp-link | tl-wdr7620_firmware | - |
| tp-link | tl-wdr5660_firmware | - |
| fastcom | fac1900r_firmware | 20190827_2.0.2 |
| tp-link | tl-wdr7660_firmware | 2.0.30 |
| mercusys | mercury_d196g_firmware | 20200109_2.0.4 |
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fastcom | fac1200r_firmware | f400_fac1200r_q |
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter string fac_password.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fastcom | fac1200r_firmware | f400_fac1200r_q |