Tenda Vulnerability Key Information Vendor: Tenda Product: O3V2 Version: 1.0.0.12(3880) Type: Stack Overflow Author: Jiaqian Peng Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description Stack Overflow in Httpd binary: - The function directly passes the parameter from the attacker. - If the data is too long, it causes a stack overflow, allowing remote attackers to crash the server and execute arbitrary code. - The parameter is copied to a local variable on the stack without checking its length, leading to buffer overflow. PoC Result The target router crashes and cannot provide services correctly and persistently.