Ysnysn0121

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the HTTP POST Request Handler component of the affected product. The `fromSafeUrlFilter` function within the `/goform/fromSafeUrlFilter` file is susceptible to a buffer overflow. This occurs through the manipulation of the `page` argument, allowing for remote exploitation. The exploit for this issue has been publicly disclosed. Recommendations: Tenda FH1201 version 1.2.0.14: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC9 version 15.03.02.13 **Description** A critical vulnerability has been found in the function `fromadvsetlanip` of the file `/goform/AdvSetLanip` of the component POST Request Handler. The manipulation of the argument `lanMask` leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda AC9 version 15.03.02.13, as a temporary workaround, consider disabling the `fromadvsetlanip` function until a patch is available. Restrict access to the `/goform/AdvSetLanip` endpoint to minimize the risk of exploitation. Avoid using the `lanMask` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK T10 version 4.1.8cu.5207 **Description** A critical issue affects the `setWiFiRepeaterCfg` function of the `/cgi-bin/cstecgi.cgi` file in the POST Request Handler component. The manipulation of the `Password` argument leads to a buffer overflow. This issue can be exploited remotely, and the exploit has been disclosed to the public. **Recommendations** As a temporary workaround, consider disabling the `setWiFiRepeaterCfg` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the `Password` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC15 version 15.03.05.19 multi **Description** A critical vulnerability was found in the Tenda AC15 router, specifically affecting the `formSetPPTPUserList` function of the `/goform/setPptpUserList` file in the HTTP POST Request Handler component. The manipulation of the `list` argument leads to a buffer overflow. This issue can be exploited remotely, and the exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider disabling the `formSetPPTPUserList` function until a patch is available. Restrict access to the `/goform/setPptpUserList` API endpoint to minimize the risk of exploitation. Avoid using the `list` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC9 version 15.03.02.13 **Description** A problematic issue was found, affecting an unknown part of the system. The manipulation leads to cross-site request forgery, which can be initiated remotely. **Recommendations** For Tenda AC9 version 15.03.02.13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.