Hand_King

**Name of the Vulnerable Software and Affected Versions** D-Link DAP-1320 version 1.00 **Description** A critical issue has been found, affecting the function `replace special char` of the file `/storagein.pd-XXXXXX`. This issue leads to a stack-based buffer overflow and can be exploited remotely. The products affected by this issue are no longer supported by the maintainer. **Recommendations** For D-Link DAP-1320 version 1.00, as a temporary workaround, consider disabling the `replace special char` function until a patch is available. However, since the products are no longer supported, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** D-Link DAP-1320 version 1.00 **Description** A critical vulnerability was found in the function `set ws action` of the file `/dws/api/`. The manipulation leads to a heap-based buffer overflow. The attack can be launched remotely. This issue only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DAP-1320 version 1.00, as a temporary workaround, consider disabling the `set ws action` function until a patch is available. However, since the product is no longer supported, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-823X versions 240126 through 240802 **Description** A problematic issue was found in the HTTP POST Request Handler component, specifically affecting the `set wifi blacklists` function of the `/goform/set wifi blacklists` file. The manipulation of the `macList` argument leads to a null pointer dereference. This issue can be exploited remotely. **Recommendations** For versions 240126 through 240802, as a temporary workaround, consider disabling the `set wifi blacklists` function until a patch is available. Restrict access to the `/goform/set wifi blacklists` endpoint to minimize the risk of exploitation. Avoid using the `macList` argument in the affected HTTP POST Request Handler until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-823X versions 240126/240802 **Description** A critical vulnerability has been found, affecting the function `FUN 00412244`. This issue leads to a null pointer dereference and can be exploited remotely. The exploit has been disclosed to the public. **Recommendations** For D-Link DIR-823X versions 240126/240802, as a temporary workaround, consider disabling the `FUN 00412244` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Tenda AC8 version 16.03.34.09 Description: A critical issue affects the `route static check` function of the file `/goform/SetStaticRouteCfg`. The manipulation of the argument list leads to a stack-based buffer overflow. This issue can be exploited remotely. The exploit has been publicly disclosed and may be used. The vulnerability may allow a remote attacker to impact the confidentiality, integrity, and availability of data. Recommendations: For Tenda AC8 version 16.03.34.09, as a temporary workaround, consider disabling the `route static check` function until a patch is available. Restrict access to the `/goform/SetStaticRouteCfg` file to minimize the risk of exploitation. Avoid using the affected function in the `SetStaticRouteCfg` configuration until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version 16.03.10.13 **Description** A critical issue was found in the function `formSetRebootTimer` of the file `/goform/SetSysAutoRebbotCfg`, where the manipulation of the `rebootTime` argument leads to a stack-based buffer overflow. This can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information by sending a specially crafted POST request to the `/goform/SetSysAutoRebbotCfg` endpoint. The exploit has been disclosed publicly. **Recommendations** As a temporary workaround, consider disabling the `formSetRebootTimer` function until a patch is available. Restrict access to the `/goform/SetSysAutoRebbotCfg` endpoint to minimize the risk of exploitation. Avoid using the `rebootTime` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version 16.03.10.13 Description: A critical vulnerability was found in the function `FUN 0046AC38` of the file `/goform/WifiExtraSet`. The manipulation of the argument `wpapsk crypto` leads to a stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This issue can be exploited by sending a specially crafted POST request with the `wpapsk crypto` parameter. Recommendations: For Tenda AC10 version 16.03.10.13, as a temporary workaround, consider disabling the `FUN 0046AC38` function until a patch is available. Restrict access to the `/goform/WifiExtraSet` file to minimize the risk of exploitation. Avoid using the `wpapsk crypto` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version 16.03.10.13 **Description** A critical vulnerability was found in the function `FUN 0044db3c` of the file `/goform/fast setting wifi set`. The manipulation of the argument `timeZone` leads to a stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information by sending a specially crafted POST request. **Recommendations** For Tenda AC10 version 16.03.10.13, update to the latest firmware available to mitigate risks. As a temporary workaround, consider restricting access to the vulnerable function `FUN 0044db3c` or the file `/goform/fast setting wifi set` to minimize the risk of exploitation. Avoid using the parameter `timeZone` in the affected API endpoint until the issue is resolved.