Liyu Zhu

**Name of the Vulnerable Software and Affected Versions** Tenda A18 version 15.13.07.13 **Description** A flaw exists in the Tenda A18 device that could allow for remote code execution. The issue is located within the Httpd Service, specifically in the `webCgiGetUploadFile()` function found in the `/cgi-bin/UploadCfg` file. Manipulation of a boundary condition within this function can lead to a stack-based buffer overflow. The exploit for this issue is publicly available. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/cgi-bin/UploadCfg` file.

**Name of the Vulnerable Software and Affected Versions** Sangfor Operation and Maintenance Management System versions up to 3.0.8 **Description** A flaw exists in the HTTP POST Request Handler component of the software, specifically in the processing of the `/isomp-protocol/protocol/getHis` file. Manipulation of the `sessionPath` argument can lead to operating system command injection. The attack can be initiated remotely. The exploit for this issue has been publicly released. The vendor was notified of this issue but did not provide a response. **Recommendations** Versions up to 3.0.8 should be updated when a fix becomes available. As a temporary workaround, consider restricting access to the `/isomp-protocol/protocol/getHis` endpoint. Avoid using the `sessionPath` parameter in the affected API endpoint until the issue is resolved.