A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMa…

A critical stack-based buffer overflow vulnerability has been discovered in Tenda W12 router firmware version 3.0.0.7(4763). The flaw exists in the cgistaKickOff function within the /bin/httpd file, where manipulation of the staMac argument can trigger the overflow. This vulnerability can be exploited remotely by attackers. A public exploit has been released and is available for use, significantly increasing the risk to affected devices. The vulnerability allows remote code execution on vulnerable Tenda W12 routers.