Fan95

Name of the Vulnerable Software and Affected Versions Tenda i3 version 1.0.0.6(2204) Description A path traversal weakness exists in the HTTP Handler component's `R7WebsSecurityHandler` function of Tenda i3 version 1.0.0.6(2204). This allows for remote manipulation, potentially leading to unauthorized access. The exploit is publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda FH1202 version 1.2.0.14(408) **Description** A security issue exists in Tenda FH1202. A stack-based buffer overflow can be triggered in the `formWrlsafeset` function within the `/goform/AdvSetWrlsafeset` file. Manipulation of the `mit ssid/mit ssid index` argument can lead to this overflow, and the attack can be launched remotely. The exploit has been publicly disclosed. **Recommendations** Update to a newer version that contains a fix for this vulnerability.