Hundun

Name of the Vulnerable Software and Affected Versions: Tenda AC20 version 16.03.08.05 Description: A critical vulnerability exists in Tenda AC20 version 16.03.08.05. The `strcpy` function within the `/goform/SetFirewallCfg` file is susceptible to a stack-based buffer overflow. This occurs through the manipulation of the `firewallEn` argument, allowing for remote attacks. The exploit for this issue has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.