Shiny

**Name of the Vulnerable Software and Affected Versions** Tenda AC9 version 15.03.05.14 Tenda AC9 version 15.03.05.18 Tenda AC15 version 15.03.05.14 Tenda AC15 version 15.03.05.18 **Description** A vulnerability exists in Tenda AC9 and AC15 devices. The vulnerability affects the `formexeCommand` function within the `/goform/exeCommand` file. Manipulation of the `cmdinput` argument can lead to a buffer overflow, allowing for remote exploitation. **Recommendations** Tenda AC9 version 15.03.05.14: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Tenda AC9 version 15.03.05.18: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Tenda AC15 version 15.03.05.14: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Tenda AC15 version 15.03.05.18: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DI-8100 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8100G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8200 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8200G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8003 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8003G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 **Description** A vulnerability exists in D-Link routers due to a command injection issue. The `sub 4621DC` function within the `usb paswd.asp` file of the `jhttpd` component is susceptible to exploitation. Manipulation of the `hname` argument can lead to operating system command injection. This attack can be initiated remotely. **Recommendations** D-Link DI-8100 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8100G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8200 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8200G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8003 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8003G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DI-8100G versions 17.12.20A1 and 19.12.10A1 D-Link DI-8200G versions 17.12.20A1 and 19.12.10A1 D-Link DI-8003G versions 17.12.20A1 and 19.12.10A1 **Description** A vulnerability exists due to the manipulation of the `path` argument within the `sub 433F7C` function of the `version upgrade.asp` file, a component of `jhttpd`, leading to OS command injection. This issue can be exploited remotely. **Recommendations** D-Link DI-8100G versions 17.12.20A1 and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8200G versions 17.12.20A1 and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DI-8003G versions 17.12.20A1 and 19.12.10A1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC9 version 15.03.05.14 Tenda AC15 version 15.03.05.14 **Description** A vulnerability exists due to the manipulation of the `cmdinput` argument in the `formexeCommand` function within the `/goform/exeCommand` file, leading to OS command injection. Remote exploitation is possible. The exploit has been publicly disclosed. **Recommendations** For Tenda AC9 version 15.03.05.14, address the vulnerability by patching the `formexeCommand` function in the `/goform/exeCommand` file to properly sanitize the `cmdinput` argument. For Tenda AC15 version 15.03.05.14, address the vulnerability by patching the `formexeCommand` function in the `/goform/exeCommand` file to properly sanitize the `cmdinput` argument.

Name of the Vulnerable Software and Affected Versions: D-Link DI-7300G+ version 19.12.25A1 Description: A critical issue was found in the httpd debug.asp file, where the manipulation of the `Time` argument leads to os command injection. The exploit has been disclosed to the public and may be used. Recommendations: For D-Link DI-7300G+ version 19.12.25A1, consider restricting access to the httpd debug.asp file until a patch is available. As a temporary workaround, avoid using the `Time` argument in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: D-Link DI-7300G+ version 19.12.25A1 Description: A critical issue has been found, affecting an unknown function of the file wget test.asp. The manipulation of the `url` argument leads to os command injection. It is possible to launch the attack remotely. Recommendations: For D-Link DI-7300G+ version 19.12.25A1, as a temporary workaround, consider restricting access to the wget test.asp file until a patch is available. Avoid using the `url` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: D-Link DI-7300G+ version 19.12.25A1 Description: A critical issue has been found in the D-Link DI-7300G+ router, affecting some unknown functionality of the file in proxy client.asp. The manipulation of the `proxy srv`, `proxy lanport`, `proxy lanip`, and `proxy srvport` arguments leads to os command injection. This issue can be exploited remotely. Recommendations: For D-Link DI-7300G+ version 19.12.25A1, as a temporary workaround, consider restricting access to the proxy client.asp file until a patch is available. Avoid using the `proxy srv`, `proxy lanport`, `proxy lanip`, and `proxy srvport` arguments in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: D-Link DI-7300G+ versions 17.12.20A1 through 17.12.20A1 D-Link DI-8200G versions 19.12.25A1 through 19.12.25A1 Description: A critical issue was found in the affected devices, affecting an unknown part of the file msp info.htm. The manipulation of the `flag/cmd/iface` argument leads to os command injection. It is possible to initiate the attack remotely. Recommendations: For D-Link DI-7300G+ version 17.12.20A1, consider disabling access to the `msp info.htm` file until a patch is available. For D-Link DI-8200G version 19.12.25A1, restrict the use of the `flag/cmd/iface` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda TX3 version 16.03.13.11 multi **Description** A critical issue has been discovered, affecting the /goform/setMacFilterCfg file. The `deviceList` argument is vulnerable to manipulation, leading to a buffer overflow. This issue can be exploited remotely. **Recommendations** For version 16.03.13.11 multi, as a temporary workaround, consider restricting access to the /goform/setMacFilterCfg file until a patch is available. Avoid using the `deviceList` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda TX3 version 16.03.13.11 multi **Description** A critical issue was found, affecting the /goform/SetStaticRouteCfg file. The manipulation of the `argument list` leads to a buffer overflow. This issue can be initiated remotely. **Recommendations** For Tenda TX3 version 16.03.13.11 multi, consider restricting access to the /goform/SetStaticRouteCfg endpoint until a patch is available. As a temporary workaround, avoid using the argument list in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tenda TX3 version 16.03.13.11 multi **Description** A critical issue has been found in the processing of the file /goform/SetNetControlList, where the manipulation of the `list` argument leads to a buffer overflow. This issue can be exploited remotely. **Recommendations** For Tenda TX3 version 16.03.13.11 multi, consider restricting access to the /goform/SetNetControlList endpoint until a patch is available. As a temporary workaround, avoid using the `list` argument in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tenda TX3 version 16.03.13.11 multi **Description** A critical vulnerability was found in the Tenda TX3, affecting an unknown function of the file /goform/openSchedWifi. The manipulation of the `schedStartTime` and `schedEndTime` arguments leads to a buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling access to the `/goform/openSchedWifi` endpoint until a patch is available. Restrict the use of the `schedStartTime` and `schedEndTime` arguments to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda TX3 version 16.03.13.11 multi **Description** A critical issue has been found in the /goform/setPptpUserList file, affecting an unknown functionality. The manipulation of the argument list leads to a buffer overflow. This issue can be exploited remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda TX3 version 16.03.13.11 multi, as a temporary workaround, consider restricting access to the /goform/setPptpUserList file until a patch is available. Avoid manipulating the argument list to prevent buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.