Exploitation Summary
EIP tracks 1 public exploit for CVE-2021-38278. PoCs published by tomorroisnew.
Description
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.
Exploits (1)
github
NO CODE
2 stars
by tomorroisnew · poc
https://github.com/tomorroisnew/CVE/tree/main/CVE-2021-38278
References (1)
Core 1
Core References
Exploit, Vendor Advisory x_refsource_misc
https://noob3xploiter.medium.com/hacking-the-tenda-ac10-1200-router-part-2-strcpy-buffer-overflow-92cd88e1d503
Scores
CVSS v3
9.8
EPSS
0.0139
EPSS Percentile
68.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
tendacn/ac10_firmware
15.03.06.23
Published
Mar 23, 2022
Tracked Since
Feb 18, 2026