Riv4Ille

**Name of the Vulnerable Software and Affected Versions** Tenda AX1803 version 1.0.0.1 **Description** A heap overflow issue was found in the GetParentControlInfo function, allowing for a denial of service attack through a specially crafted HTTP request. **Recommendations** For Tenda AX1803 version 1.0.0.1, consider disabling the GetParentControlInfo function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Tenda AX1803 version 1.0.0.1 **Description** A heap overflow issue was discovered in the function GetParentControlInfo. **Recommendations** For Tenda AX1803 version 1.0.0.1, consider disabling the GetParentControlInfo function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda ax1803 version 1.0.0.1 **Description** The issue concerns http requests handled by the `fromAdvSetMacMtuWan` functions, specifically the `wanSpeed`, `cloneType`, and `mac` variables, which can cause a stack overflow and enable remote code execution. **Recommendations** For Tenda ax1803 version 1.0.0.1, consider disabling the `fromAdvSetMacMtuWan` function as a temporary workaround until a patch is available. Restrict access to the http requests that handle `wanSpeed`, `cloneType`, and `mac` variables to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.