Doudoudedi

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 version US AC6V4.0RTL V02.03.01.26 cn.bin **Description** The issue allows attackers, who have the administrator password, to cause a denial of service (device crash) via a long string in the `wifiPwd 5G` parameter to "/goform/setWifi". **Recommendations** For Tenda AC6 version US AC6V4.0RTL V02.03.01.26 cn.bin, avoid using a long string in the `wifiPwd 5G` parameter to "/goform/setWifi" to prevent a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N600R version 4.3.0cu.7570 B20200620 **Description** A command injection issue was found via the `pingCheck` function, allowing for potential exploitation. **Recommendations** For TOTOLINK N600R version 4.3.0cu.7570 B20200620, consider disabling the `pingCheck` function until a patch is available to prevent potential command injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N600R version 4.3.0cu.7570 B20200620 **Description** A command injection issue was found via the exportOvpn interface at the "cstecgi.cgi" endpoint. This allows for potential command injection attacks. **Recommendations** For TOTOLINK N600R version 4.3.0cu.7570 B20200620, consider restricting access to the "cstecgi.cgi" endpoint to minimize the risk of exploitation. Avoid using the exportOvpn interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N600R version 4.3.0cu.7570 B20200620 **Description** A command injection issue was discovered via the "/setting/NTPSyncWithHost" API endpoint. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For TOTOLINK N600R version 4.3.0cu.7570 B20200620, as a temporary workaround, consider restricting access to the "/setting/NTPSyncWithHost" API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N600R version 4.3.0cu.7570 B20200620 **Description** A command injection issue was found via the `langType` parameter in the login interface. This allows for potential command injection attacks. **Recommendations** For TOTOLINK N600R version 4.3.0cu.7570 B20200620, avoid using the `langType` parameter in the login interface until the issue is resolved. As a temporary workaround, consider restricting access to the login interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear EX6100v1 version 201.0.2.28 Netgear CAX80 version 2.1.2.6 Netgear DC112A version 1.0.0.62 **Description** A stack overflow vulnerability exists in the upnpd service, which may lead to the execution of arbitrary code without authentication. **Recommendations** For Netgear EX6100v1 version 201.0.2.28, update to a version that fixes the upnpd service vulnerability. For Netgear CAX80 version 2.1.2.6, update to a version that fixes the upnpd service vulnerability. For Netgear DC112A version 1.0.0.62, update to a version that fixes the upnpd service vulnerability. As a temporary workaround, consider disabling the upnpd service until a patch is available.

Name of the Vulnerable Software and Affected Versions: D-Link DIR816 A1 FW101CNB04 Description: An issue was discovered in the D-Link DIR816 A1 FW101CNB04 750m11ac wireless router. The HTTP request parameter is used in the handler function of "/goform/form2userconfig.cgi" route, which can construct the user name string to delete the user function. This can lead to command injection through shell metacharacters. Recommendations: For D-Link DIR816 A1 FW101CNB04, consider disabling the `/goform/form2userconfig.cgi` route until a patch is available to prevent command injection through shell metacharacters. Restrict access to this route to minimize the risk of exploitation. Avoid using the `username` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 version DIR-816A2 FWv1.10CNB05 R1B011D88210 Description: An issue was discovered where the HTTP request parameter is used in the handler function of the "/goform/form2userconfig.cgi" route. This allows constructing the user name string to delete the user function, leading to command injection through shell metacharacters. Recommendations: For D-Link DIR-816 version DIR-816A2 FWv1.10CNB05 R1B011D88210, as a temporary workaround, consider restricting access to the "/goform/form2userconfig.cgi" route until a patch is available. Avoid using the `username` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.