Doma

Name of the Vulnerable Software and Affected Versions UTT HiPER 1250GW versions through 3.2.7-210907-180535 Description A flaw exists in UTT HiPER 1250GW that allows for remote exploitation. The issue resides in the `strcpy` function within the /goform/formNatStaticMap file. Manipulation of the `NatBind` argument leads to a buffer overflow. The exploit is publicly available. Recommendations Versions through 3.2.7-210907-180535: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.10 Description A flaw exists in the Destination Handler component of Tenda M3 version 1.0.0.10. Manipulation of the `policyType` argument in the `setAdvPolicyData` function, accessible via the '/goform/setAdvPolicyData' endpoint, can lead to a buffer overflow. This issue can be exploited remotely. Recommendations For Tenda M3 version 1.0.0.10, avoid manipulating the `policyType` argument in the `setAdvPolicyData` function via the '/goform/setAdvPolicyData' endpoint.