Liuchangwei

**Name of the Vulnerable Software and Affected Versions** Tenda AC23 version 16.03.07.52 **Description** A critical vulnerability exists in the Tenda AC23 device. The vulnerability is located in the `sub 46C940` function of the `/goform/setMacFilterCfg` file within the httpd component. Manipulation of the `deviceList` argument leads to a stack-based buffer overflow, allowing for remote attacks. The exploit for this issue has been publicly disclosed. **Recommendations** Tenda AC23 version 16.03.07.52: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC20 version 16.03.08.05 **Description** A stack-based buffer overflow vulnerability exists in the processing of the `list` parameter within the `/goform/SetStaticRouteCfg` file. Remote attackers can exploit this issue to execute arbitrary code or cause a denial-of-service condition. The exploit has been publicly disclosed. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/SetStaticRouteCfg` endpoint.

**Name of the Vulnerable Software and Affected Versions** Tenda AC7 version 15.03.06.44 **Description** A critical issue exists in the `httpd` component of Tenda AC7. The vulnerability is due to a stack-based buffer overflow in the `formSetMacFilterCfg` function within the `/goform/setMacFilterCfg` file. The `deviceList` argument can be manipulated to trigger the overflow, allowing for remote exploitation. The exploit has been publicly disclosed. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/setMacFilterCfg` file.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-645 versions 1.05B01 and earlier Description: A critical issue affects the `ssdpcgi main` function of the `ssdpcgi` component, located in the `/htdocs/cgibin` file. This problem leads to command injection and can be exploited remotely. The exploit has been publicly disclosed and may be used. This issue only affects products that are no longer supported by the manufacturer. Recommendations: For D-Link DIR-645 versions 1.05B01 and earlier, as a temporary workaround, consider disabling the `ssdpcgi main` function until a patch is available. Restrict access to the `/htdocs/cgibin` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-867 version 1.0 Description: A critical vulnerability has been found in the function `strncpy` of the component Query String Handler, leading to a stack-based buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. Recommendations: As a temporary workaround, consider disabling the `strncpy` function in the Query String Handler component until a patch is available. However, since the product is no longer supported by the maintainer, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-815 version 1.01 Description: A critical vulnerability was found in the D-Link DIR-815, affecting the function `sub 403794` of the file `hedwig.cgi`. This vulnerability leads to a stack-based buffer overflow and can be initiated remotely. The exploit has been disclosed to the public and may be used. Recommendations: As a temporary workaround, consider disabling the `sub 403794` function in the `hedwig.cgi` file until a patch is available. Restrict access to the `hedwig.cgi` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.