L3M0Nade

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version US AC10V4.0si V16.03.10.13 cn **Description** A stack overflow issue was discovered via the `shareSpeed` parameter in the `fromSetWifiGuestBasic` function. **Recommendations** For Tenda AC10 version US AC10V4.0si V16.03.10.13 cn, consider restricting access to the `fromSetWifiGuestBasic` function to minimize the risk of exploitation. Avoid using the `shareSpeed` parameter until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version US AC10V4.0si V16.03.10.13 cn **Description** The issue is related to a stack overflow in the `get parentControl list Info()` function when handling the `urls` parameter. This can allow a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Tenda AC10 version US AC10V4.0si V16.03.10.13 cn, as a temporary workaround, consider disabling the `get parentControl list Info()` function until a patch is available. Restrict access to the `urls` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version US AC10V4.0si V16.03.10.13 cn **Description** The issue is related to a stack overflow in the `SetFirewallCfg()` function when handling the `firewallEn` parameter. This can allow a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Tenda AC10 version US AC10V4.0si V16.03.10.13 cn, as a temporary workaround, consider disabling the `SetFirewallCfg()` function until a patch is available. Restrict access to the `firewallEn` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version US AC10V4.0si V16.03.10.13 cn **Description** The issue is related to a stack overflow in the `sub 47D878()` function when handling the `src` parameter, potentially allowing a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Tenda AC10 version US AC10V4.0si V16.03.10.13 cn, as a temporary workaround, consider disabling the `sub 47D878()` function until a patch is available. Restrict access to the `src` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version US AC10V4.0si V16.03.10.13 cn **Description** The issue is related to a buffer overflow in the `compare parentcontrol time()` function of the Tenda AC10 router's firmware when handling the `time` parameter. This can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Tenda AC10 version US AC10V4.0si V16.03.10.13 cn, as a temporary workaround, consider disabling the `compare parentcontrol time()` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the `time` parameter in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.