Peanuts

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers (affected versions not specified) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the web interface management of the affected routers, which could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability is associated with errors in processing input data, potentially allowing a remote attacker to execute arbitrary code in the context of the root user or cause a denial of service. **Recommendations** For Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 versions prior to V15.03.05.19(6318) **Description** The issue is related to a heap overflow in the httpd module when handling the `/goform/saveParentControlInfo` API endpoint, specifically due to the `saveParentControlInfo()` function's handling of the `deviceId` parameter. This can allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For Tenda AC18 versions prior to V15.03.05.19(6318), as a temporary workaround, consider disabling the `saveParentControlInfo()` function until a patch is available. Restrict access to the `/goform/saveParentControlInfo` API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.19(6318) **Description** The issue is related to a stack-based buffer overflow vulnerability in the `form fast setting wifi set()` function of the Tenda AC18 router's firmware. This vulnerability is caused by an out-of-bounds write operation when processing the `ssid` parameter. Exploitation of this issue could allow a remote attacker to cause a denial of service. **Recommendations** For version 15.03.05.19(6318), as a temporary workaround, consider disabling the `form fast setting wifi set()` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the `ssid` parameter in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 versions prior to V15.03.05.19(6318) **Description** The issue is related to a stack-based buffer overflow vulnerability in the `fromAddressNat()` function of the Tenda AC18 router's firmware. This vulnerability occurs when handling the `entrys` and `mitInterface` parameters, allowing an attacker to potentially cause a denial of service or execute arbitrary code remotely. **Recommendations** For Tenda AC18 versions prior to V15.03.05.19(6318), as a temporary workaround, consider disabling the `fromAddressNat()` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC18 V15.03.05.19(6318) **Description** The issue is related to a stack-based buffer overflow in the httpd module of the Tenda AC Series Router when handling the /goform/SetFirewallCfg request. This can potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For version AC18 V15.03.05.19(6318), as a temporary workaround, consider restricting access to the /goform/SetFirewallCfg request in the httpd module until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC18 V15.03.05.19(6318) **Description** The issue is related to a stack-based buffer overflow in the httpd module when handling the "/goform/WifiExtraSet" API endpoint. This can potentially allow an attacker to cause a denial of service. **Recommendations** For Tenda AC Series Router version AC18 V15.03.05.19(6318), consider restricting access to the "/goform/WifiExtraSet" API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router AC18 version 15.03.05.19(6318) **Description** The issue is related to a stack-based buffer overflow in the httpd module of the Tenda AC Series Router AC18. This occurs when handling the "/goform/SetClientState" request. Exploitation of this issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC Series Router AC18 version 15.03.05.19(6318), as a temporary workaround, consider restricting access to the "/goform/SetClientState" request until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC11 V02.03.01.104 CN **Description** A stack buffer overflow was discovered in the wifiBasicCfg module, allowing attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For Tenda AC Series Router version AC11 V02.03.01.104 CN, consider disabling the wifiBasicCfg module as a temporary workaround until a patch is available. Restrict access to the wifiBasicCfg module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RICOH Printer series SP products versions 1.06 **Description** The issue is a stack buffer overflow in the file /etc/wpa supplicant.conf, which allows attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For version 1.06, update the firmware to a version that fixes the stack buffer overflow issue in the /etc/wpa supplicant.conf file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xerox Phaser 4622 version 35.013.01.000 **Description** A buffer overflow issue was discovered in the function sub 3226AC via the `TIMEZONE` variable, allowing attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For Xerox Phaser 4622 version 35.013.01.000, consider restricting the use of the `TIMEZONE` variable until a patch is available. As a temporary workaround, consider disabling the function sub 3226AC to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC11 V02.03.01.104 CN **Description** The issue is related to a stack buffer overflow in the PPPoE module, which can be exploited by attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For Tenda AC Series Router version AC11 V02.03.01.104 CN, consider disabling the PPPoE module as a temporary workaround until a patch is available. Restrict access to the PPPoE module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC11 V02.03.01.104 CN **Description** A stack buffer overflow was discovered in the wifiTime module, allowing attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For Tenda AC Series Router version AC11 V02.03.01.104 CN, consider disabling the wifiTime module as a temporary workaround until a patch is available. Restrict access to the wifiTime module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC11 V02.03.01.104 CN **Description** The issue is related to a stack buffer overflow in the onlineList module, allowing attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For Tenda AC Series Router version AC11 V02.03.01.104 CN, consider disabling the onlineList module as a temporary workaround until a patch is available. Restrict access to the onlineList module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC Series Router version AC11 V02.03.01.104 CN **Description** A stack buffer overflow was discovered in the wanBasicCfg module, allowing attackers to cause a Denial of Service (DoS) via crafted overflow data. **Recommendations** For Tenda AC Series Router version AC11 V02.03.01.104 CN, consider disabling the wanBasicCfg module as a temporary workaround until a patch is available. Restrict access to the module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6400v2 version 1.0.4.102 10.0.75 NETGEAR R6400 version 1.0.1.62 1.0.41 NETGEAR R7000P version 1.3.2.126 10.1.66 NETGEAR XR300 version 1.0.3.50 10.3.36 NETGEAR R8000 version 1.0.4.62 NETGEAR R8300 version 1.0.2.136 NETGEAR R8500 version 1.0.2.136 NETGEAR R7300DST version 1.0.0.74 NETGEAR R7850 version 1.0.5.64 NETGEAR R7900 version 1.0.4.30 NETGEAR RAX20 version 1.0.2.64 NETGEAR RAX80 version 1.0.3.102 NETGEAR R6250 version 1.0.4.44 **Description** The upnpd service on certain NETGEAR devices allows remote attackers to execute arbitrary code via a stack-based buffer overflow. This issue can be exploited by attackers on the local area network (LAN). **Recommendations** For NETGEAR R6400v2 version 1.0.4.102 10.0.75, update to a newer version that contains a fix for this issue. For NETGEAR R6400 version 1.0.1.62 1.0.41, update to a newer version that contains a fix for this issue. For NETGEAR R7000P version 1.3.2.126 10.1.66, update to a newer version that contains a fix for this issue. For NETGEAR XR300 version 1.0.3.50 10.3.36, update to a newer version that contains a fix for this issue. For NETGEAR R8000 version 1.0.4.62, update to a newer version that contains a fix for this issue. For NETGEAR R8300 version 1.0.2.136, update to a newer version that contains a fix for this issue. For NETGEAR R8500 version 1.0.2.136, update to a newer version that contains a fix for this issue. For NETGEAR R7300DST version 1.0.0.74, update to a newer version that contains a fix for this issue. For NETGEAR R7850 version 1.0.5.64, update to a newer version that contains a fix for this issue. For NETGEAR R7900 version 1.0.4.30, update to a newer version that contains a fix for this issue. For NETGEAR RAX20 version 1.0.2.64, update to a newer version that contains a fix for this issue. For NETGEAR RAX80 version 1.0.3.102, update to a newer version that contains a fix for this issue. For NETGEAR R6250 version 1.0.4.44, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.