Dengxiquan

**Name of the Vulnerable Software and Affected Versions** H3C R160 version V1004004 **Description** A critical issue has been found in the file /goForm/aspForm, where the manipulation of the `go` argument leads to a stack-based buffer overflow. The issue affects some unknown functionality of this file. **Recommendations** For version V1004004, as a temporary workaround, consider restricting access to the /goForm/aspForm file until a patch is available. Avoid manipulating the `go` argument in the affected file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tenda AC23 version 16.03.07.45 cn **Description** The issue is related to insufficient argument checking in the Service Port 7329 component of the Tenda AC23 router's firmware, which can lead to command injection. This can be exploited by a remote attacker to execute arbitrary commands. The manipulation of the `v2` argument is the key to this vulnerability. The attack can be initiated remotely. **Recommendations** For Tenda AC23 version 16.03.07.45 cn, as a temporary workaround, consider restricting access to the Service Port 7329 component until a patch is available. Avoid using the `v2` argument in the affected command until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.