Faqiadegege

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 versions 15.03.05.16 **Description** An issue exists in Tenda AC6 that allows attackers to cause a denial of service. This is achieved by manipulating the `funcname`, `funcpara1`, and `funcpara2` parameters within the `/SetCfm` API endpoint, specifically through the `formSetCfm` function. **Recommendations** Restrict or disable access to the `/SetCfm` API endpoint. Avoid using the `funcname`, `funcpara1`, and `funcpara2` parameters in the affected API endpoint until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.05.16 multi Description: The issue is related to a Buffer Overflow in the `addWifiMacFilter` function, which can be exploited via the `deviceId` parameter. Recommendations: For Tenda AC6 version 15.03.05.16 multi, as a temporary workaround, consider disabling the `addWifiMacFilter` function until a patch is available. Avoid using the `deviceId` parameter in the affected function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** D-LINK DI-8003 version 16.07.16A1 **Description** A buffer overflow issue was discovered in the `tgfile htm` function, related to the `fn` parameter. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For D-LINK DI-8003 version 16.07.16A1, as a temporary workaround, consider restricting access to the `tgfile htm` function until a patch is available. Avoid using the `fn` parameter in the affected function to minimize the risk of exploitation.