Key Information Summary 1. Basic Information Vendor: Shenzhen Tenda Technology Co., Ltd. Affected Device Type: Router Affected Product: AC20 Affected Product Version: < V16.03.08.12 (latest version) 2. Vulnerability Overview Vulnerability Type: Buffer Overflow Trigger Method: An attacker can trigger this vulnerability by sending a specially crafted HTTP POST request to the path. 3. Vulnerability Details Environment Setup: Simulate the environment using the command . Vulnerable Function: Issue: The value is copied into the array without length checking, leading to a buffer overflow. 4. POC (Proof of Concept) Request Example: 5. Vulnerability Impact Potential Harm: Buffer overflow, execution of arbitrary commands, privilege escalation. 6. Mitigation Measures 1. Contact the vendor to obtain security patches and apply them promptly. 2. Coordinate with the security team to update security policies in a timely manner. 3. Regularly perform security checks on interface parameters.