Amalll

**Name of the Vulnerable Software and Affected Versions** Tenda AC9 version 15.03.2.13 **Description** The issue is related to a Buffer Overflow via httpd, specifically in the form fast setting wifi set function. This affects the httpd service. **Recommendations** For Tenda AC9 version 15.03.2.13, consider disabling the httpd service or restricting access to the form fast setting wifi set function until a patch is available. Avoid using the `form fast setting wifi set` function in the affected httpd endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Tenda ac15 firmware version V15.03.05.18 **Description** The issue is related to a stack buffer overflow in the httpd server of the Tenda ac15 firmware. This overflow occurs in the `/goform/formWifiBasicSet` API endpoint. **Recommendations** For Tenda ac15 firmware version V15.03.05.18, as a temporary workaround, consider restricting access to the `/goform/formWifiBasicSet` API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.