Kdb3169

**Name of the Vulnerable Software and Affected Versions** Wavlink WL-WN579A3 versions up to 20210219 **Description** A command injection issue exists in Wavlink WL-WN579A3. The issue is located in the `multi ssid` function within the `/cgi-bin/wireless.cgi` file. Manipulating the `SSID2G2` argument can lead to command injection. This attack can be initiated remotely. The exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** Versions up to 20210219 should be updated when a fix becomes available. As a temporary workaround, restrict access to the `/cgi-bin/wireless.cgi` file. Avoid manipulating the `SSID2G2` argument.

**Name of the Vulnerable Software and Affected Versions** Wavlink WL-WN579A3 versions up to 20210219 **Description** A command injection issue exists in the function `Delete Mac list` of the file `/cgi-bin/wireless.cgi`. Manipulation of the `delete list` argument can lead to command injection. Remote exploitation is possible. The exploit is publicly available. The vendor was contacted but did not respond. **Recommendations** Apply updates to versions after 20210219. As a temporary workaround, restrict access to the `/cgi-bin/wireless.cgi` file. Avoid using the `delete list` argument in the `/cgi-bin/wireless.cgi` endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Wavlink WL-WN579A3 versions up to 20210219 **Description** A command injection issue exists in the file `/cgi-bin/login.cgi`. Manipulating the `key` argument can allow for remote code execution. The vulnerability has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** Update Wavlink WL-WN579A3 to a version later than 20210219. As a temporary workaround, restrict access to the `/cgi-bin/login.cgi` file. Avoid using the `key` parameter in the `/cgi-bin/login.cgi` endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Wavlink WL-WN579A3 versions up to 20210219 **Description** A flaw exists in Wavlink WL-WN579A3 that allows for remote command injection. The issue is located in the `AddMac` function within the `/cgi-bin/wireless.cgi` file. Manipulation of the `macAddr` argument can lead to command execution. The exploit code has been publicly released. The vendor was notified but did not respond. **Recommendations** Versions up to 20210219 should be updated when a fix becomes available. As a temporary workaround, restrict access to the `/cgi-bin/wireless.cgi` file. Avoid using the `macAddr` parameter until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Wavlink WL-WN579A3 versions up to 20210219 **Description** A security flaw exists in Wavlink WL-WN579A3. The issue is due to command injection within the `DeleteMac` function located in the `/cgi-bin/wireless.cgi` file. Manipulation of the `delete list` argument can lead to remote code execution. The vendor was contacted regarding this issue but did not respond. **Recommendations** Versions up to 20210219 should be updated when a fix becomes available. As a temporary workaround, restrict access to the `/cgi-bin/wireless.cgi` file. Avoid manipulating the `delete list` argument.

**Name of the Vulnerable Software and Affected Versions** Tenda TX9 versions up to 22.03.02.10 multi **Description** A flaw exists in the Tenda TX9 device, specifically within the `sub 432580` function located in the `/goform/fast setting wifi set` file. Manipulation of the `ssid` argument can lead to a buffer overflow. This issue can be exploited remotely. The details of the exploit have been publicly disclosed. **Recommendations** Versions up to 22.03.02.10 multi are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda TX9 versions up to 22.03.02.10 multi **Description** A flaw exists in Tenda TX9 devices up to version 22.03.02.10 multi. The issue is due to a buffer overflow in the `sub 42D03C` function within the `/goform/SetStaticRouteCfg` file when handling the argument list. This allows for remote exploitation. The exploit has been publicly released. **Recommendations** Update Tenda TX9 to a version later than 22.03.02.10 multi.

**Name of the Vulnerable Software and Affected Versions** Tenda TX3 versions up to 16.03.13.11 multi **Description** A flaw exists in Tenda TX3 that allows remote attackers to trigger a buffer overflow. The issue is located in the file `/goform/SetIpMacBind` and involves manipulation of the argument list to an unknown function. The exploit for this issue has been publicly disclosed. **Recommendations** Update Tenda TX3 to a version newer than 16.03.13.11 multi.

**Name of the Vulnerable Software and Affected Versions** Tenda TX9 versions up to 22.03.02.10 multi **Description** A flaw exists in the Tenda TX9 device, specifically within the `sub 4223E0` function located in the `/goform/setMacFilterCfg` file. Manipulation of the `deviceList` argument can trigger a buffer overflow. This issue can be exploited remotely. The exploit is publicly available. **Recommendations** Update to a version later than 22.03.02.10 multi.