Vulnerability Details CVE-2019-19505
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.044
EPSS Ranking 88.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2019-19505
-
cpe:2.3:h:tendacn:pa6:-
-
cpe:2.3:o:tendacn:pa6_firmware:1.0.1.21