Tenda Vulnerability Key Information Vendor: Tenda Product: O3V2 Version: 1.0.0.12(3880) Type: Stack Overflow Author: Jiaqian Peng Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description Stack Overflow in Httpd binary: - The function directly passes the parameter provided by the attacker. - If the data exceeds a safe length, it triggers a stack overflow, enabling remote attackers to crash the server and execute arbitrary code. - The parameter is copied to a local stack variable without length validation, resulting in a buffer overflow. PoC Result The target router crashes and is unable to provide services correctly and persistently.