Wxhwxhwxh

**Name of the Vulnerable Software and Affected Versions** Totolink NR1800X version 9.1.0u.6279 B20210910 **Description** A security issue exists in Totolink NR1800X 9.1.0u.6279 B20210910. The issue is related to command injection within the `setTracerouteCfg` function located in the `/cgi-bin/cstecgi.cgi` file, specifically through the POST Request Handler component. Manipulation of the `command` argument allows for remote execution of commands. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3300R version 17.0.0cu.557 B20221024 **Description** A flaw exists in TOTOLINK A3300R that could lead to a stack-based buffer overflow. The issue is located in the `setOpModeCfg` function within the `/cgi-bin/cstecgi.cg` file, specifically within the POST Parameter Handler component. Manipulation of the `opmode` argument can trigger the overflow, and the attack can be carried out remotely. **Recommendations** Update TOTOLINK A3300R to a version newer than 17.0.0cu.557 B20221024.

**Name of the Vulnerable Software and Affected Versions** Tenda O3 version 1.0.0.10(2478) **Description** A weakness exists in the Tenda O3 version 1.0.0.10(2478). This issue affects the `SetValue`/`GetValue` function within the `/goform/setNetworkService` file. Manipulation of the `upnpEn` argument can lead to a stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made publicly available. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `/goform/setNetworkService` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.19(6318) **Description** A stack-based buffer overflow exists in the Tenda AC18 device. The issue is located in the `/goform/SetUpnpCfg` file and involves the manipulation of the `upnpEn` argument. This allows for remote exploitation of the device. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Tenda AC5 version 15.03.06.47 Description: A critical issue has been found in the affected software, classified as critical. The issue affects an unknown functionality of the file /goform/openSchedWifi. The manipulation of the arguments `schedStartTime` and `schedEndTime` leads to a stack-based buffer overflow. This can be exploited remotely. Recommendations: For Tenda AC5 version 15.03.06.47, consider disabling access to the /goform/openSchedWifi endpoint until a patch is available. Restricting the manipulation of the `schedStartTime` and `schedEndTime` arguments can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC6 version 15.03.05.16 **Description** A critical vulnerability has been found in the function `formSetPPTPUserList` of the file `/goform/setPptpUserList`. The manipulation of the `list` argument leads to a buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the `formSetPPTPUserList` function until a patch is available. Restrict access to the `/goform/setPptpUserList` endpoint to minimize the risk of exploitation. Avoid using the `list` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC8 version 16.03.34.09 **Description** A critical issue has been identified, affecting the `fromSetWirelessRepeat` function of the file `/goform/WifiExtraSet`. The manipulation of the `wpapsk crypto` argument leads to a stack-based buffer overflow. This issue can be exploited remotely. **Recommendations** For Tenda AC8 version 16.03.34.09, as a temporary workaround, consider disabling the `fromSetWirelessRepeat` function until a patch is available. Restrict access to the `/goform/WifiExtraSet` file to minimize the risk of exploitation. Avoid using the `wpapsk crypto` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3700R version 9.1.2u.5822 B20200513 **Description** A critical issue affects the `setL2tpServerCfg` function of the file /cgi-bin/cstecgi.cgi, leading to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For TOTOLINK A3700R version 9.1.2u.5822 B20200513, as a temporary workaround, consider disabling the `setL2tpServerCfg` function until a patch is available. Restrict access to the /cgi-bin/cstecgi.cgi file to minimize the risk of exploitation.