Tenda Vulnerability Vendor and Product Vendor: Tenda Product: Tenda Router Firmware Affected Versions Versions: 1.0, 2.0, 3.0, 4.0 Vulnerability Type Type: Stack Overflow Authorization Required Required: Yes Discovery Information Discoverer: Direction of Information Engineering Institute, Chinese Academy of Sciences (CAS) Vulnerability Description The vulnerability is a stack overflow in the function within the firmware. The function processes user input without proper validation, leading to a buffer overflow when the input exceeds the allocated buffer size. Key Code Snippet This line copies user input directly into a fixed-size buffer ( ) without checking the length of the input, causing a potential buffer overflow. Proof of Concept (PoC) A PoC request is provided to demonstrate the vulnerability: Result Executing the PoC can lead to a crash or potentially allow remote code execution on the affected device.