Hhsw34

**Name of the Vulnerable Software and Affected Versions** Tenda A21 version 1.0.0.0 **Description** A security flaw exists in Tenda A21 version 1.0.0.0. The issue is a stack-based buffer overflow in the `set qosMib list` function located in the file `/goform/formSetQosBand`. The vulnerability is triggered by manipulating the `list` argument and can be exploited remotely. A public exploit is available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda A21 version 1.0.0.0 **Description** A flaw exists in Tenda A21 version 1.0.0.0 related to the `set device name` function within the `/goform/SetOnlineDevName` file. Manipulation of the `devName` argument can trigger a stack-based buffer overflow, allowing for remote exploitation. The exploit has been publicly released. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/SetOnlineDevName` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tenda A21 version 1.0.0.0 **Description** A stack-based buffer overflow exists in the `form fast setting wifi set` function located in the `/goform/fast setting wifi set` file. Manipulation of the `ssid` argument can trigger the overflow, allowing for remote attacks. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda A21 version 1.0.0.0 **Description** A security issue exists in the Tenda A21 router. The issue is a stack-based buffer overflow in the MAC Filtering Configuration Endpoint, specifically within the `set device name` function located in the /goform/setBlackRule file. Manipulation of the `devName`/`mac` argument can trigger the overflow. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** Update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda A21 version 1.0.0.0 **Description** A stack-based buffer overflow exists in the `fromSetIpMacBind` function within the `/goform/SetIpMacBind` API endpoint of the Tenda A21 router. Manipulation of the argument list to this function can trigger the overflow, allowing for remote code execution or a denial-of-service condition. The exploit for this issue has been publicly released. **Recommendations** Versions prior to 1.0.0.0 are recommended. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda A21 version 1.0.0.0 **Description** A stack-based buffer overflow exists in the `setSchedWifi` function of the `/goform/openSchedWifi` file. Manipulation of the `schedStartTime` and `schedEndTime` arguments can trigger this issue. The attack can be initiated remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DWR-M961 version 1.1.47 **Description** A flaw exists in D-Link DWR-M961 version 1.1.47 that allows for command injection. This issue is related to the `sub 419920` function within the `/boafrm/formLtefotaUpgradeQuectel` file. Manipulation of the `fota url` argument can lead to remote code execution. An exploit for this issue has been published. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/boafrm/formLtefotaUpgradeQuectel` file. Avoid using the `fota url` parameter until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** D-Link DWR-M961 version 1.1.47 **Description** A flaw exists in the SMS Message component of D-Link DWR-M961 version 1.1.47. Specifically, the `sub 4250E0` function within the `/boafrm/formSmsManage` file is susceptible to command injection. This occurs through manipulation of the `action value` argument, allowing for remote execution of commands. The exploit for this issue is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DWR-M961 version 1.1.47 **Description** A security issue exists in D-Link DWR-M961 version 1.1.47. Manipulation of the `fota url` argument within an unknown function of the `/boafrm/formLtefotaUpgradeFibocom` file can lead to command injection. This allows for remote attacks. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AX12 Pro V2 version 16.03.49.24 cn **Description** A flaw exists in the Telnet Service component of the software that allows for the retrieval of hard-coded credentials. Successful exploitation of this issue grants full remote control. The attack requires a high degree of complexity and is considered difficult to execute. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sangfor Operation and Maintenance Security Management System versions through 3.0.12 **Description** A flaw exists in the Sangfor Operation and Maintenance Security Management System. The issue is due to a command injection vulnerability within the `portValidate` function, located in the `/fort/ip and port/port validate` file of the HTTP POST Request Handler component. Manipulating the `port` argument can lead to command injection. This can be triggered remotely. The exploit has been made public. **Recommendations** Versions prior to 3.0.12 should be updated.

**Name of the Vulnerable Software and Affected Versions** Sangfor Operation and Maintenance Security Management System versions up to 3.0.12 **Description** A flaw exists in Sangfor Operation and Maintenance Security Management System. The issue is due to command injection within the HTTP POST Request Handler component, specifically related to the `/fort/audit/get clip img` file. Manipulation of the `frame/dirno` argument can lead to remote code execution. The exploit details have been publicly disclosed. **Recommendations** Versions prior to 3.0.12 should be updated.

**Name of the Vulnerable Software and Affected Versions** Sangfor Operation and Maintenance Security Management System versions up to 3.0.12 **Description** A flaw exists in the Sangfor Operation and Maintenance Security Management System that could allow for remote command injection. The issue is located within the HTTP POST Request Handler component, specifically in the `getInformation` function of the file '/equipment/get Information'. Manipulation of the `fortEquipmentIp` argument can lead to unauthorized command execution. The exploit has been publicly disclosed. **Recommendations** Versions prior to 3.0.12 should be updated.

**Name of the Vulnerable Software and Affected Versions** Sangfor Operation and Maintenance Management System versions up to 3.0.8 **Description** A security flaw exists in Sangfor Operation and Maintenance Management System. The issue involves unrestricted file upload due to manipulation of the `File` argument within an unknown function of the `/fort/trust/version/common/common.jsp` file. This allows for remote exploitation. The exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** Versions prior to 3.0.8 should be updated. As a temporary workaround, restrict access to the `/fort/trust/version/common/common.jsp` file. Avoid uploading untrusted files to the system.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-822K versions 1.00 20250513164613 through 1.1.50 D-Link DWR-M920 versions 1.00 20250513164613 through 1.1.50 **Description** A flaw exists in D-Link DIR-822K and DWR-M920 routers. The issue is related to the manipulation of the `submit-url` argument within the /boafrm/formDdns file, leading to memory corruption. The attack can be initiated remotely. An exploit for this issue has been published. **Recommendations** Update D-Link DIR-822K from versions 1.00 20250513164613 through 1.1.50 to a newer version. Update D-Link DWR-M920 from versions 1.00 20250513164613 through 1.1.50 to a newer version.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-822K versions 1.00 20250513164613 and 1.1.50 D-Link DWR-M920 versions 1.00 20250513164613 and 1.1.50 **Description** A buffer overflow issue exists in D-Link DIR-822K and DWR-M920 routers. The issue is related to the manipulation of the `submit-url` argument within an unknown function of the `/boafrm/formWlEncrypt` file. This allows for a remote attack. The exploit for this issue has been publicly released. **Recommendations** For D-Link DIR-822K version 1.00 20250513164613, update to a newer version that contains a fix for this vulnerability. For D-Link DIR-822K version 1.1.50, update to a newer version that contains a fix for this vulnerability. For D-Link DWR-M920 version 1.00 20250513164613, update to a newer version that contains a fix for this vulnerability. For D-Link DWR-M920 version 1.1.50, update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-822K versions 1.00 20250513164613 and 1.1.50 D-Link DWR-M920 versions 1.00 20250513164613 and 1.1.50 **Description** A buffer overflow issue exists in D-Link DIR-822K and DWR-M920 routers. The issue is located in an unknown function within the `/boafrm/formWanConfigSetup` file. Manipulation of the `submit-url` argument can trigger the buffer overflow, allowing for remote attacks. A publicly available exploit exists, potentially enabling malicious actors to compromise affected devices. **Recommendations** D-Link DIR-822K version 1.00 20250513164613: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-822K version 1.1.50: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DWR-M920 version 1.00 20250513164613: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DWR-M920 version 1.1.50: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-822K versions 1.00 20250513164613 and 1.1.50 D-Link DWR-M920 versions 1.00 20250513164613 and 1.1.50 **Description** A buffer overflow issue exists in D-Link DIR-822K and DWR-M920 devices. The issue is due to the manipulation of the `submit-url` argument within the `/boafrm/formVpnConfigSetup` file. Exploitation of this issue can be performed remotely through the `formVpnConfigSetup` function. A public exploit is available. **Recommendations** For D-Link DIR-822K version 1.00 20250513164613, restrict access to the `/boafrm/formVpnConfigSetup` file. For D-Link DIR-822K version 1.1.50, restrict access to the `/boafrm/formVpnConfigSetup` file. For D-Link DWR-M920 version 1.00 20250513164613, restrict access to the `/boafrm/formVpnConfigSetup` file. For D-Link DWR-M920 version 1.1.50, restrict access to the `/boafrm/formVpnConfigSetup` file.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-822K version 1.00 **Description** A buffer overflow issue exists in the function `sub 455524` of the file `/boafrm/formNtp`. Manipulation of the `submit-url` argument can trigger this issue, potentially allowing for remote exploitation. The exploit has been made public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-822K versions 1.00 20250513164613 D-Link DWR-M920 versions 1.00 20250513164613 and 1.1.50 **Description** A buffer overflow issue exists in D-Link DIR-822K and DWR-M920. The issue is located in the file `/boafrm/formFirewallAdv`. Manipulation of the `submit-url` argument can trigger the overflow. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** Update D-Link DIR-822K version 1.00 20250513164613 to a newer version. Update D-Link DWR-M920 versions 1.00 20250513164613 and 1.1.50 to a newer version.