Wxhwxhwxh_Miemie

**Name of the Vulnerable Software and Affected Versions** Tenda AC7 version 15.03.06.44 **Description** A critical issue has been discovered in the Tenda AC7, specifically in the function `formSetCfm` located in the "/goform/setcfm" file. This issue is caused by the manipulation of the `funcpara1` argument, leading to a stack-based buffer overflow. The attack can be launched remotely, potentially affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC7 version 15.03.06.44, as a temporary workaround, consider disabling the `formSetCfm` function until a patch is available. Restrict access to the "/goform/setcfm" file to minimize the risk of exploitation. Avoid using the `funcpara1` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 version 15.03.05.18 **Description** A critical issue affects the `saveParentControlInfo` function of the file `/goform/saveParentControlInfo`, leading to a stack-based buffer overflow when the `urls` argument is manipulated. This can be exploited remotely, potentially allowing an attacker to cause a denial of service or execute arbitrary code. **Recommendations** For Tenda AC15 version 15.03.05.18, as a temporary workaround, consider disabling the `saveParentControlInfo()` function until a patch is available. Additionally, disable remote management to minimize the risk of exploitation. Contact the vendor for updates on a patch.

**Name of the Vulnerable Software and Affected Versions** Tenda AC7 version 15.03.06.44 **Description** A critical vulnerability was found in the function `formQuickIndex` of the file `/goform/QuickIndex`, which can be exploited remotely. The manipulation of the argument `PPPOEPassword` leads to a stack-based buffer overflow, potentially affecting the confidentiality, integrity, and availability of protected information. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda AC7 version 15.03.06.44, update the firmware immediately to resolve the issue. If an update is unavailable, limit network access and monitor traffic as a temporary mitigation measure. Consider disabling the `formQuickIndex` function or restricting access to the `/goform/QuickIndex` file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 version 15.03.20 multi **Description** A critical issue affects the `saveParentControlInfo` function of the file "/goform/saveParentControlInfo". The manipulation of the `urls` argument leads to a stack-based buffer overflow. This can be initiated remotely, potentially allowing an attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Tenda AC15 version 15.03.20 multi, as a temporary workaround, consider disabling the `saveParentControlInfo()` function until a patch is available. Restrict access to the "/goform/saveParentControlInfo" endpoint to minimize the risk of exploitation. Avoid using the `urls` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 versions 15.03.05.18 through 15.03.20 multi **Description** The issue is related to the function `formSetSambaConf()` at the `/goform/setsambacfg` endpoint, where the `usbName` parameter is not properly sanitized, leading to OS command injection. This allows a remote attacker to execute arbitrary commands. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda AC15 versions 15.03.05.18 through 15.03.20 multi, as a temporary workaround, consider disabling the `formSetSambaConf()` function at the `/goform/setsambacfg` endpoint until a patch is available. Restrict access to the `usbName` parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 versions 15.03.05.18 through 15.03.05.19 and version 15.03.20 **Description** A critical vulnerability was found in the function `fromSetSysTime` of the file `/goform/SetSysTimeCfg`. The manipulation of the argument `time` leads to a stack-based buffer overflow. This issue can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda AC15 versions 15.03.05.18 through 15.03.05.19 and version 15.03.20, as a temporary workaround, consider disabling the `fromSetSysTime` function until a patch is available. Restrict access to the `/goform/SetSysTimeCfg` file to minimize the risk of exploitation. Avoid using the `time` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U versions 15.03.06.48 through 15.03.06.49 **Description** A critical issue affects the function `formSetSambaConf` of the file `/goform/setsambacfg`. The manipulation of the argument `usbName` leads to os command injection. The attack may be initiated remotely. **Recommendations** For Tenda AC10U versions 15.03.06.48 through 15.03.06.49, as a temporary workaround, consider disabling the `formSetSambaConf` function until a patch is available. Restrict access to the `/goform/setsambacfg` file to minimize the risk of exploitation. Avoid using the parameter `usbName` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** The issue is related to the function `formSetSambaConf()` in the `/goform/setsambacfg` endpoint, where the `usbName` parameter is not properly sanitized, leading to OS command injection. This allows a remote attacker to execute arbitrary commands. The exploit has been disclosed to the public. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `formSetSambaConf()` function until a patch is available. Restrict access to the `/goform/setsambacfg` endpoint to minimize the risk of exploitation. Avoid using the `usbName` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 versions 16.03.10.13 through 16.03.10.20 **Description** The issue is related to the function `fromSetSysTime()` in the `/goform/SetSysTimeCfg` file, which is vulnerable to a stack-based buffer overflow when handling the `timeZone` parameter. This can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC10 versions 16.03.10.13 through 16.03.10.20, as a temporary workaround, consider disabling the `fromSetSysTime()` function until a patch is available. Restrict access to the `/goform/SetSysTimeCfg` file to minimize the risk of exploitation. Avoid using the `timeZone` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.