X1Ng

**Name of the Vulnerable Software and Affected Versions** ASUS RT-AX56U Router version 3.0.0.4.386.44266 **Description** A stack overflow issue exists in the httpd service, caused by the `strcat` function called by the `caupload` input handle function, allowing users to enter a large amount of data into the stack. This issue enables an attacker to execute commands remotely, but it requires authentication. **Recommendations** For version 3.0.0.4.386.44266, as a temporary workaround, consider restricting access to the `caupload` input handle function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.