CVE-2021-44352

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version V15.03.05.18 multi

Description: A Stack-based Buffer Overflow issue exists in the Tenda AC15 device via the list parameter in a POST request in "goform/SetIpMacBind".

Recommendations: For Tenda AC15 version V15.03.05.18 multi, consider restricting access to the "goform/SetIpMacBind" endpoint until a patch is available. As a temporary workaround, avoid using the list parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.