Seuilping

**Name of the Vulnerable Software and Affected Versions** Tenda A301 version 15.13.08.12 **Description** A critical issue has been identified, classified as critical, affecting the function `fromSetWirelessRepeat` of the file `/goform/WifiExtraSet`. The manipulation of the argument `wpapsk crypto` leads to a stack-based buffer overflow. This issue can be exploited remotely. The exploit has been disclosed publicly and may be used. **Recommendations** For Tenda A301 version 15.13.08.12, as a temporary workaround, consider disabling the `fromSetWirelessRepeat` function until a patch is available. Restrict access to the `/goform/WifiExtraSet` endpoint to minimize the risk of exploitation. Avoid using the parameter `wpapsk crypto` in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.