PT-2023-26612 · Tenda · Tenda AC18 +3

Cao Ngoc Quy +2 · Published 2023-11-20 · Updated 2025-06-10 · CVE-2023-38823

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
Tenda AC19 version 1.0
Tenda AC18 (affected versions not specified)
Tenda AC9 version 1.0
Tenda AC6 versions 1.0 through 2.0

Description
A buffer overflow issue allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.

Recommendations
For Tenda AC19 version 1.0, update to a version that fixes the buffer overflow issue in the formSetCfm function.
For Tenda AC18, apply the necessary patch or update to resolve the buffer overflow vulnerability.
For Tenda AC9 version 1.0, update the firmware to address the buffer overflow issue.
For Tenda AC6 versions 1.0 through 2.0, apply a patch or update that fixes the buffer overflow vulnerability in the formSetCfm function.
As a temporary workaround, consider disabling the formSetCfm function until a patch is available.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2023-38823

Affected Products

Tenda AC18
Tenda AC19
Tenda AC6
Tenda AC9