Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-33669 PoC — Tenda AC8 缓冲区错误漏洞

Source
https://github.com/Mohammaddvd/CVE-2023-33669
Associated Vulnerability
Title:Tenda AC8 缓冲区错误漏洞 (CVE-2023-33669)
Description:Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.
Description
Stack-Overflow on TendaAC8
Readme
# CVE-2023-33669 Exploit

Exploit for a stack overflow vulnerability in the Tenda AC8 router, specifically targeting firmware version `US_AC8V4.0si_V16.03.34.06`.
[Official product page](https://www.tenda.com.cn/download/detail-3518.html).

## Emulation
You can put 'prepare.sh' file in root directory of firmware and execute it. Also for RCE you have to setup tftp server and put 'nc' file in `/tftpboot`.


https://github.com/user-attachments/assets/0eef4f92-074a-4b41-845c-5cfb18309409



This exploit is intended for educational purposes
File Snapshot

 [4.0K]  /data/pocs/cf9d0b3c4296fb2a78b39ac342a58a6a7e3257bf
├── [2.1K]  exploit_CVE-2023-33669.py
├── [174K]  nc
├── [ 121]  prepare.sh
└── [ 542]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →