Jxm666

**Name of the Vulnerable Software and Affected Versions** Tenda F451 version 1.0.0.7 cn svn7958 **Description** A buffer overflow exists in the httpd component within the `fromGstDhcpSetSer()` function of the '/goform/GstDhcpSetSer' endpoint. This issue occurs when the `dips` argument is manipulated, allowing a remote attacker to trigger the overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Tenda F451 version 1.0.0.7 Description A stack-based buffer overflow exists in the `httpd` component of the Tenda F451 version 1.0.0.7. The issue is located in the `frmL7ProtForm` function of the `/goform/L7Prot` file. Manipulation of the `page` argument can trigger the overflow. The exploit has been publicly disclosed and may be used remotely. Recommendations For Tenda F451 version 1.0.0.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Tenda F451 version 1.0.0.7 Description A flaw exists in the `fromAddressNat` function within the `/goform/addressNat` file of the `httpd` component. Manipulation of the `entrys` argument can lead to a stack-based buffer overflow, potentially allowing for remote exploitation. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/addressNat` file.

**Name of the Vulnerable Software and Affected Versions** Tenda F451 version 1.0.0.7 cn svn7958 **Description** A stack-based buffer overflow can be triggered remotely via the `fromAdvSetWan()` function located in the `/goform/AdvSetWan` file. This issue occurs through the manipulation of the `wanmode/PPPOEPassword` argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Tenda F451 version 1.0.0.7 cn svn7958 Description A security flaw exists in the `fromqossetting` function of the `/goform/qossetting` file in Tenda F451 version 1.0.0.7 cn svn7958. Manipulation of the `qos` argument can lead to a stack-based buffer overflow, potentially allowing for remote attacks. The exploit for this issue has been publicly released. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `fromqossetting` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Tenda F451 version 1.0.0.7 cn svn7958 **Description** A remote stack-based buffer overflow exists in the `fromSetIpBind()` function within the `/goform/SetIpBind` file. This issue occurs when the `page` argument is manipulated. A stack-based buffer overflow is a condition where a program writes more data to a buffer located on the stack than the buffer is allocated to hold, potentially overwriting adjacent memory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda F451 version 1.0.0.7 cn svn7958 **Description** A stack-based buffer overflow can be triggered remotely via the `frmL7ImForm()` function within the '/goform/L7Im' file. This issue occurs through the manipulation of the `page` argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda F451 version 1.0.0.7 cn svn7958 **Description** A remote stack-based buffer overflow exists in the `fromSafeUrlFilter()` function within the `/goform/SafeUrlFilter` file. This issue occurs when the `page` argument is manipulated, allowing an attacker to execute the attack remotely. **Recommendations** As a temporary workaround, consider restricting access to the `/goform/SafeUrlFilter` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Tenda F451 version 1.0.0.7 Description A stack-based buffer overflow exists in the `fromSafeMacFilter` function of the `/goform/SafeMacFilter` file within the `httpd` component. Manipulation of the `page/menufacturer` argument can trigger this issue. The attack can be executed remotely. The exploit has been publicly disclosed. Recommendations Update to a newer version of Tenda F451 that addresses this vulnerability.