Yhryhryhr

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3300R version 17.0.0cu.557 B20221024 **Description** A flaw exists in TOTOLINK A3300R. The issue is a stack-based buffer overflow caused by the manipulation of the `recHour` argument within the `setScheduleCfg` function located in the `/cgi-bin/cstecgi.cgi` file, specifically within the POST Parameter Handler component. This allows for remote exploitation. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda O3 version 1.0.0.10(2478) **Description** A security issue exists in Tenda O3 version 1.0.0.10(2478). The `SetValue`/`GetValue` function within the `/goform/setVlanConfig` file is susceptible to a stack-based buffer overflow. This occurs through manipulation of the `lan` argument. The attack can be initiated remotely. The exploit for this issue has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC7 version 15.03.06.44 **Description** A stack-based buffer overflow exists due to manipulation of the `wifi chkHz` argument in the /goform/WifiMacFilterSet file. This issue can be triggered remotely. The exploit has been made public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC7 version 15.03.06.44 **Description** A command injection issue exists in Tenda AC7 version 15.03.06.44. The issue is located in the file `/goform/AdvSetLanip`. Manipulation of the `lanIp` argument can lead to command injection. This can be exploited remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.19(6318) **Description** A stack-based buffer overflow issue exists in the processing of the `/goform/SetDDNSCfg` file in Tenda AC18. The manipulation of the `ddnsEn` argument can trigger this overflow, allowing for remote attacks. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.19 **Description** A security issue exists in Tenda AC18 version 15.03.05.19. The issue involves command injection through manipulation of the `lanIp` argument in the file /goform/AdvSetLanip. This can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** sequa-ai sequa-mcp versions prior to 1.0.14 **Description** A vulnerability exists in the `redirectToAuthorization` function within the OAuth Server Discovery component, specifically in the file `src/helpers/node-oauth-client-provider.ts`. Manipulation of the system can lead to operating system command injection. Remote exploitation is possible. **Recommendations** Upgrade to version 1.0.14 or later.

**Name of the Vulnerable Software and Affected Versions** Tenda AC8 version 16.03.34.09 **Description** A critical issue has been found, affecting the function `fromSetSysTime` of the file `/goform/SetSysTimeCfg`. The manipulation of the argument `timeType` leads to a stack-based buffer overflow. This issue can be exploited remotely. **Recommendations** For Tenda AC8 version 16.03.34.09, as a temporary workaround, consider disabling the `fromSetSysTime` function until a patch is available. Restrict access to the `/goform/SetSysTimeCfg` file to minimize the risk of exploitation. Avoid using the `timeType` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC5 version 15.03.06.47 **Description** A critical issue has been found in the function `formSetPPTPUserList` of the file `/goform/setPptpUserList`. The manipulation of the `list` argument leads to a buffer overflow. This issue can be exploited remotely. **Recommendations** For Tenda AC5 version 15.03.06.47, as a temporary workaround, consider disabling the `formSetPPTPUserList` function until a patch is available. Restrict access to the `/goform/setPptpUserList` endpoint to minimize the risk of exploitation. Avoid using the `list` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** A critical vulnerability was found in the `fromadvsetlanip` function of the `/goform/AdvSetLanip` file. The manipulation of the `lanMask` argument leads to a buffer overflow. The attack can be launched remotely. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `fromadvsetlanip` function until a patch is available. Restrict access to the `/goform/AdvSetLanip` file to minimize the risk of exploitation. Avoid using the `lanMask` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3700R version 9.1.2u.5822 B20200513 **Description** A critical vulnerability was found in the TOTOLINK A3700R, affecting the function `setWiFiEasyGuestCfg` of the file `/cgi-bin/cstecgi.cgi`. The manipulation leads to improper access controls, allowing for remote attacks. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond. **Recommendations** As a temporary workaround, consider disabling the `setWiFiEasyGuestCfg` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3700R version 9.1.2u.5822 B20200513 **Description** A critical vulnerability has been found in the TOTOLINK A3700R, affecting the function `setWiFiEasyCfg/setWiFiEasyGuestCfg` of the file `/cgi-bin/cstecgi.cgi` in the Password Handler component. This issue leads to improper access controls and can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For TOTOLINK A3700R version 9.1.2u.5822 B20200513, as a temporary workaround, consider disabling the `setWiFiEasyCfg` and `setWiFiEasyGuestCfg` functions until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the vulnerable Password Handler component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda FH1202 version 1.2.0.14(408) **Description** A critical issue affects the Web Management Interface component, specifically the unknown processing of the file /goform/SysToolDDNS. This leads to improper access controls, allowing for remote attacks. The exploit has been publicly disclosed. **Recommendations** For Tenda FH1202 version 1.2.0.14(408), consider restricting access to the `/goform/SysToolDDNS` endpoint until a patch is available. As a temporary workaround, limit the use of the Web Management Interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-618 versions 2.02/3.02 D-Link DIR-605L versions 2.02/3.02 **Description** A vulnerability was found that affects the file /goform/formTcpipSetup, leading to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-618 versions 2.02/3.02, consider restricting access to the /goform/formTcpipSetup file to minimize the risk of exploitation. For D-Link DIR-605L versions 2.02/3.02, consider restricting access to the /goform/formTcpipSetup file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-816 A2 version 1.10CNB05 R1B011D88210 **Description** A critical issue affects the unknown code of the file /goform/DDNS of the DDNS Service component, leading to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For D-Link DIR-816 A2 version 1.10CNB05 R1B011D88210, as a temporary workaround, consider disabling the access to the /goform/DDNS file until a patch is available. Restrict access to the DDNS Service component to minimize the risk of exploitation. Avoid using the DDNS Service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** A critical issue affects the `formQuickIndex` function of the `/goform/QuickIndex` file, allowing for a stack-based buffer overflow through the manipulation of the `PPPOEPassword` argument. This can be exploited remotely, potentially leading to privilege escalation by writing specially crafted data. The issue has been publicly disclosed. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `formQuickIndex` function of the `/goform/QuickIndex` file until a patch is available. Restrict access to the `/goform/QuickIndex` endpoint to minimize the risk of exploitation. Avoid using the `PPPOEPassword` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** A critical issue affects the `formSetDeviceName` function of the `/goform/SetOnlineDevName` file, leading to a stack-based buffer overflow when the `devName` or `mac` argument is manipulated. This can be exploited remotely, potentially impacting the confidentiality, integrity, and availability of protected information. The exploit has been publicly disclosed. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `formSetDeviceName` function until a patch is available. Restrict access to the `/goform/SetOnlineDevName` file to minimize the risk of exploitation. Avoid using the `devName` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** A critical issue affects the `formSetPPTPServer` function of the file `/goform/SetPptpServerCfg`. The manipulation of the `startIP` argument leads to a stack-based buffer overflow. This issue can be exploited remotely, potentially impacting the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `formSetPPTPServer` function until a patch is available. Restrict access to the `/goform/SetPptpServerCfg` endpoint to minimize the risk of exploitation. Avoid using the `startIP` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** A critical vulnerability was found in the function `setSchedWifi` of the file `/goform/openSchedWifi`. The manipulation of the arguments `schedStartTime` and `schedEndTime` leads to a stack-based buffer overflow. This issue can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `setSchedWifi` function until a patch is available. Restrict access to the `/goform/openSchedWifi` endpoint to minimize the risk of exploitation. Avoid using the parameters `schedStartTime` and `schedEndTime` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC18 version 15.03.05.05 **Description** A critical issue was found in the function `formSetSpeedWan` of the file `/goform/SetSpeedWan`. The manipulation of the argument `speed dir` leads to a stack-based buffer overflow. This issue can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC18 version 15.03.05.05, as a temporary workaround, consider disabling the `formSetSpeedWan` function until a patch is available. Restrict access to the `/goform/SetSpeedWan` endpoint to minimize the risk of exploitation. Avoid using the parameter `speed dir` in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.