Yhryhryhr_Mie

**Name of the Vulnerable Software and Affected Versions** Totolink NR1800X version 9.1.0u.6279 B20210910 **Description** A buffer overflow issue exists in the `setWizardCfg` function within the `/cgi-bin/cstecgi.cgi` file of the POST Request Handler component. Manipulating the `ssid` argument can trigger this issue. The attack can be initiated remotely. The exploit is publicly available. **Recommendations** For Totolink NR1800X version 9.1.0u.6279 B20210910, restrict access to the `/cgi-bin/cstecgi.cgi` file or disable the `setWizardCfg` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Tenda AC7 version 15.03.06.44 **Description** A stack-based buffer overflow exists in Tenda AC7 routers due to improper processing of the `ddnsEn` argument within the `/goform/SetDDNSCfg` file. This manipulation allows for remote code execution. The exploit for this issue has been published. **Recommendations** Update to a newer version to address this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 version 15.03.05.18 **Description** A security flaw exists in Tenda AC15 version 15.03.05.18. The issue is a stack-based buffer overflow resulting from manipulation of the `enable` argument in an unknown function within the /goform/saveAutoQos file. Remote exploitation is possible, and the exploit has been released publicly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3700R version 9.1.2u.5822 B20200513 **Description** A critical issue was found in the `setDdnsCfg` function of the file `/cgi-bin/cstecgi.cgi`, leading to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** As a temporary workaround, consider disabling the `setDdnsCfg` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda FH1202 version 1.2.0.14(408) **Description** A critical issue was found in the Web Management Interface of the affected software, specifically affecting an unknown part of the file /goform/qossetting. This issue leads to improper access controls and can be initiated remotely. The exploit has been disclosed publicly. **Recommendations** For Tenda FH1202 version 1.2.0.14(408), consider restricting access to the /goform/qossetting file in the Web Management Interface until a patch is available. As a temporary workaround, limit remote access to the Web Management Interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda FH1202 version 1.2.0.14(408) **Description** A critical issue has been found, affecting some unknown functionality of the file /default.cfg. The manipulation of the `these` argument leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda FH1202 version 1.2.0.14(408), as a temporary workaround, consider restricting access to the file /default.cfg to minimize the risk of exploitation. Avoid using the `these` argument in affected configurations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-816 A2 version 1.10CNB05 R1B011D88210 **Description** A critical vulnerability was found in the WiFi Settings Handler component, specifically in an unknown function of the file /goform/form2AdvanceSetup.cgi. The manipulation leads to improper access controls, allowing for remote attacks. The exploit has been disclosed to the public and may be used. **Recommendations** For version 1.10CNB05 R1B011D88210, as a temporary workaround, consider restricting access to the /goform/form2AdvanceSetup.cgi file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 1.0/15.03.06.49 **Description** The issue is related to a stack-based buffer overflow in the `formSetQosBand` function of the `/goform/SetNetControlList` file. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. The manipulation of the `list` argument leads to this buffer overflow. The attack can be launched remotely. **Recommendations** For Tenda AC10U version 1.0/15.03.06.49, as a temporary workaround, consider disabling the `formSetQosBand` function until a patch is available. Restrict access to the `/goform/SetNetControlList` endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U versions 15.03.06.49 **Description** The issue is related to the function formWriteFacMac, specifically the /goform/WriteFacMac endpoint, where a lack of proper sanitization of special elements in the command allows for os command injection. This can be exploited by a remote attacker to execute arbitrary commands. The manipulation of the `mac` argument is key to this exploit. **Recommendations** For version 15.03.06.49, as a temporary workaround, consider restricting access to the /goform/WriteFacMac endpoint to minimize the risk of exploitation. Avoid using the `mac` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.49 **Description** A critical issue has been found in the `setSchedWifi` function of the `/goform/openSchedWifi` file, which can lead to a stack-based buffer overflow when the `schedStartTime` argument is manipulated. This can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. The exploit has been disclosed publicly. **Recommendations** For Tenda AC10U version 15.03.06.49, as a temporary workaround, consider disabling the `setSchedWifi` function until a patch is available. Restrict access to the `/goform/openSchedWifi` file to minimize the risk of exploitation. Avoid using the `schedStartTime` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.49 **Description** The issue is related to a stack-based buffer overflow in the Tenda AC10U router's firmware, specifically affecting the function formSetFirewallCfg (/goform/SetFirewallCfg) and formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the `mac` argument leads to this overflow. It is possible to launch the attack remotely, which may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC10U version 15.03.06.49, as a temporary workaround, consider blocking access to the admin interface until a patch is available. Restrict access to the vulnerable function formSetDeviceName to minimize the risk of exploitation. Avoid using the `mac` parameter in the affected API endpoint /goform/SetOnlineDevName until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.49 **Description** The issue is related to a stack-based buffer overflow in the `formSetFirewallCfg` function, accessible through the "/goform/SetFirewallCfg" endpoint. The manipulation of the `firewallEn` argument can lead to this overflow. This can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC10U version 15.03.06.49, as a temporary workaround, consider restricting access to the `/goform/SetFirewallCfg` endpoint to minimize the risk of exploitation. Avoid manipulating the `firewallEn` argument in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.49 **Description** A critical issue was found in the function `formWifiWpsStart` of the file `/goform/WifiWpsStart`, which is related to a stack-based buffer overflow. This can be initiated remotely through the manipulation of the `index` argument. The issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Tenda AC10U version 15.03.06.49, as a temporary workaround, consider disabling the `formWifiWpsStart` function until a patch is available. Restrict access to the `/goform/WifiWpsStart` endpoint to minimize the risk of exploitation. Avoid using the `index` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.48 **Description** A critical issue affects the `addWifiMacFilter` function of the file `/goform/addWifiMacFilter`, leading to a stack-based buffer overflow when the `deviceMac` argument is manipulated. This can be exploited remotely, potentially impacting the confidentiality, integrity, and availability of protected information. The exploit has been publicly disclosed. **Recommendations** For Tenda AC10U version 15.03.06.48, as a temporary workaround, consider disabling the `addWifiMacFilter` function until a patch is available. Restrict access to the `/goform/addWifiMacFilter` endpoint to minimize the risk of exploitation. Avoid using the `deviceMac` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.49 **Description** The issue is related to a stack-based buffer overflow in the `fromSetRouteStatic` function of the `/goform/SetStaticRouteCfg` file. This can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. The manipulation of the `list` argument leads to this buffer overflow. It is possible to launch the attack remotely. **Recommendations** For Tenda AC10U version 15.03.06.49, as a temporary workaround, consider disabling the `fromSetRouteStatic` function until a patch is available. Restrict access to the `/goform/SetStaticRouteCfg` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10U version 15.03.06.49 **Description** The issue is related to a stack-based buffer overflow in the `formexeCommand` function of the `/goform/execCommand` file. This can be exploited by manipulating the `cmdinput` argument, potentially allowing a remote attacker to impact the confidentiality, integrity, and availability of protected information. The attack may be initiated remotely. **Recommendations** For Tenda AC10U version 15.03.06.49, as a temporary workaround, consider restricting access to the `/goform/execCommand` endpoint until a patch is available. Additionally, avoid using the `cmdinput` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.