Dexter_Zg

**Name of the Vulnerable Software and Affected Versions** Tenda A301 version 15.13.08.12 **Description** A critical issue was found in the function `fromSetWirelessRepeat` of the file `/goform/SetOnlineDevName`. The manipulation of the argument `devName` leads to a stack-based buffer overflow. This issue can be exploited remotely. The exploit has been disclosed publicly. **Recommendations** For Tenda A301 version 15.13.08.12, as a temporary workaround, consider restricting access to the `/goform/SetOnlineDevName` endpoint until a patch is available. Avoid using the `devName` argument in the affected function `fromSetWirelessRepeat` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.