Funcy_Kilar

**Name of the Vulnerable Software and Affected Versions** Tenda Router W30E version 1.0.1.25(633) **Description** The issue is related to a Buffer Overflow in the `fromRouteStatic` function via parameters `entrys` and `mitInterface`. **Recommendations** For Tenda Router W30E version 1.0.1.25(633), as a temporary workaround, consider disabling the `fromRouteStatic` function until a patch is available. Restrict access to parameters `entrys` and `mitInterface` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 version 15.03.05.09 multi **Description** The issue is related to a stack overflow in the `form fast setting wifi set` function, specifically via the `ssid` parameter. This can potentially allow a remote attacker to cause a denial of service. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited. **Recommendations** For Tenda AC6 version 15.03.05.09 multi, consider restricting access to the `form fast setting wifi set` function until a patch is available. Avoid using the `ssid` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC500 version 2.0.1.9(1307) **Description** The issue is related to a buffer overflow in the `fromAddressNat` function of the Tenda AC500 router's firmware, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. The vulnerability is triggered via the `entrys` and `mitInterface` parameters. **Recommendations** For Tenda AC500 version 2.0.1.9(1307), consider disabling the `fromAddressNat` function as a temporary workaround until a patch is available. Restrict access to the parameters `entrys` and `mitInterface` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC500 version 2.0.1.9(1307) **Description** The issue is related to a Buffer Overflow in the `formOneSsidCfgSet` function via the `ssid` parameter. **Recommendations** For Tenda AC500 version 2.0.1.9(1307), as a temporary workaround, consider restricting the input for the `ssid` parameter in the `formOneSsidCfgSet` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.