Yangshuangning

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The vulnerability affects the `formWrlsafeset` function within the `/goform/AdvSetWrlsafeset` file of the HTTP POST Request Handler component. Manipulation of the `mit ssid` argument can lead to a buffer overflow, allowing for remote exploitation. The exploit for this issue has been publicly disclosed. Recommendations: Tenda FH1201 version 1.2.0.14: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK T10 version 4.1.8cu.5207 **Description** A critical vulnerability has been found in the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file, which is part of the POST Request Handler component. The manipulation of the `File` argument leads to a buffer overflow. This issue can be exploited remotely. A public exploit has been disclosed, which may be used. **Recommendations** As a temporary workaround, consider disabling the `UploadCustomModule` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the `File` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK T10 version 4.1.8cu.5207 **Description** A critical issue affects the function `setUpgradeFW` of the file `/cgi-bin/cstecgi.cgi` of the component POST Request Handler. The manipulation of the argument `slaveIpList` leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the `setUpgradeFW` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the `slaveIpList` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 version 15.03.05.19 multi **Description** A critical issue affects the `fromadvsetlanip` function of the `/goform/AdvSetLanip` file in the HTTP POST Request Handler component. The manipulation of the `lanMask` argument leads to a buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the `fromadvsetlanip` function until a patch is available. Restrict access to the `/goform/AdvSetLanip` endpoint to minimize the risk of exploitation. Avoid using the `lanMask` argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version 02.03.01.35 Description: A critical issue affects the `formSafeEmailFilter` function of the `/goform/SafeEmailFilter` file in the HTTP POST Request Handler component. The manipulation of the `page` argument leads to a stack-based buffer overflow. This issue can be exploited remotely, potentially impacting the confidentiality, integrity, and availability of protected information by sending a specially crafted POST request. The exploit has been disclosed publicly. Recommendations: For Tenda FH1206 version 02.03.01.35, as a temporary workaround, consider disabling the `formSafeEmailFilter` function until a patch is available. Restrict access to the `/goform/SafeEmailFilter` endpoint to minimize the risk of exploitation. Avoid using the `page` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.