Sunnyyaya

**Name of the Vulnerable Software and Affected Versions** Tenda AC8 version 16.03.33.05 **Description** A buffer overflow issue exists in the Embedded Httpd Service component of Tenda AC8. The flaw is located in the file '/goform/fast setting wifi set' and is triggered by manipulating the `timeZone` argument. Remote exploitation is possible. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC8 version 16.03.33.05 **Description** A buffer overflow issue exists in the `fromSetWifiGusetBasic` function within the `/goform/WifiGuestSet` file of the `httpd` component. The `shareSpeed` argument can be manipulated to trigger this issue, potentially allowing for remote attacks. The exploit for this issue is publicly available. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `fromSetWifiGusetBasic` function until a patch is available.