CVE-2023-40895

Name of the Vulnerable Software and Affected Versions Tenda AC8 version US AC8V4.0si V16.03.34.06 cn

Description A stack overflow issue was discovered via the parameter list at the "/goform/SetVirtualServerCfg" API endpoint. This issue affects the Tenda AC8 device.

Recommendations For Tenda AC8 version US AC8V4.0si V16.03.34.06 cn, consider restricting access to the "/goform/SetVirtualServerCfg" API endpoint to minimize the risk of exploitation. Avoid using the parameter list in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.