Svigo

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A flaw exists in the Tenda i3 device. The `formwrlSSIDset` function within the `/goform/wifiSSIDset` file is susceptible to a stack-based buffer overflow when the `index/GO` argument is manipulated. This allows for remote exploitation. The exploit for this issue has been publicly disclosed. **Recommendations** Tenda i3 version 1.0.0.6(2204): At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A flaw exists in Tenda i3 version 1.0.0.6(2204). The `formwrlSSIDget` function within the `/goform/wifiSSIDget` file is affected. Manipulating the `index` argument can lead to a stack-based buffer overflow. This attack can be launched remotely. An exploit for this issue has been published. **Recommendations** For Tenda i3 version 1.0.0.6(2204), at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A stack-based buffer overflow exists in the `formSetAutoPing` function of the file `/goform/setAutoPing` in Tenda i3 version 1.0.0.6(2204). Manipulation of the `ping1` or `ping2` argument can trigger the overflow. The issue is remotely exploitable and an exploit has been made public. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/setAutoPing` file. Avoid manipulating the `ping1` or `ping2` arguments in the affected function.

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A stack-based buffer overflow exists in the `formWifiMacFilterGet` function of the file `/goform/WifiMacFilterGet`. Manipulation of the `index` argument can trigger this issue, allowing for remote exploitation. A public exploit is available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A stack-based buffer overflow issue exists in the `formexeCommand` function located in the `/goform/exeCommand` file. Manipulation of the `cmdinput` argument can trigger this issue, potentially allowing for remote exploitation. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A flaw exists in Tenda i3 that allows for a stack-based buffer overflow. The issue is located in the `formSetCfm` function within the `/goform/setcfm` file. Manipulation of the `funcpara1` argument triggers the overflow. Remote exploitation is possible. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda i3 version 1.0.0.6(2204) **Description** A security flaw exists in Tenda i3. This issue affects the `formWifiMacFilterSet` function within the `/goform/WifiMacFilterSet` file. Manipulation of the `index` argument can lead to a stack-based buffer overflow, allowing for remote attacks. The exploit for this issue has been publicly released and may be used in attacks. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/WifiMacFilterSet` file to minimize the risk of exploitation.