Benjpopo

**Name of the Vulnerable Software and Affected Versions** CH22 version 1.0.0.6(468) **Description** The issue is a stack overflow vulnerability located in the `fromqossetting` function. This vulnerability poses risks of remote exploit and system compromise. **Recommendations** For CH22 version 1.0.0.6(468), as a temporary workaround, consider disabling the `fromqossetting` function until a patch is available. Restrict access to the `/goform/fromqossetting` API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda FH451 version 1.0.0.9 **Description** The issue is a stack overflow vulnerability located in the `RouteStatic` function. This vulnerability enables remote code execution. **Recommendations** For Tenda FH451 version 1.0.0.9, consider disabling the `RouteStatic` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Monitor for exploit attempts and apply a patch as soon as it becomes available.

**Name of the Vulnerable Software and Affected Versions** Tenda O6 V3.0 firmware version 1.0.0.7(2054) **Description** The issue is a stack overflow vulnerability in the `formexeCommand` function. This vulnerability is present in the specified firmware version of the Tenda O6 V3.0 device. **Recommendations** For Tenda O6 V3.0 firmware version 1.0.0.7(2054), as a temporary workaround, consider disabling the `formexeCommand` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.