CVE-2026-10188

Tenda · W12

A stack-based buffer overflow in the Tenda W12 cgistaKickOff function allows remote code execution via the 'staMac' argument.

Executive summary

A critical stack-based buffer overflow in Tenda W12 firmware allows remote attackers to execute arbitrary code with elevated privileges.

Vulnerability

A stack-based buffer overflow exists in the cgistaKickOff function within the /bin/httpd binary. An attacker can trigger it by supplying a specially crafted 'staMac' argument to the web interface, leading to memory corruption on the stack and potential code execution.

Business impact

With a CVSS score of 8.8, this is a critical vulnerability. Successful exploitation grants an attacker full control over the affected Tenda W12 device, potentially allowing them to intercept traffic, pivot into internal networks, or launch further attacks.

Remediation

Immediate Action: Apply the latest firmware update provided by Tenda to resolve the buffer overflow issue.

Proactive Monitoring: Monitor network traffic for unusual requests directed at the device's web administration interface.

Compensating Controls: Restrict access to the web administration interface to trusted internal IP addresses and disable remote management features.
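The monitoring and access-restriction advice above can be turned into a concrete check. The following Python log scanner is an added illustration, not code from this advisory or from Tenda: it reads web-server access-log lines, flags any request to the kick-off handler that arrives from outside a trusted subnet, and flags 'staMac' values that are longer than a MAC address or not shaped like one. The URL path /goform/staKickOff, the combined-style log format, the trusted subnet and the sample lines are all assumptions or constructed data; the advisory itself gives only the handler name cgistaKickOff and the 'staMac' argument.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlparse

# Assumption: the advisory names the cgistaKickOff handler in /bin/httpd but
# not the URL it serves. Match on a path fragment and adjust to what your
# device actually exposes.
KICKOFF_PATH_HINT = "stakickoff"

# A well-formed MAC address: six hex octets separated by ':' or '-'.
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")
MAX_MAC_LEN = 17  # len("aa:bb:cc:dd:ee:ff")

# Minimal combined-log-style parser: source IP, request line and status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not real device logs). Line 2 carries an
# oversized staMac from an external address; line 4 a malformed one from inside.
SAMPLE_LOG = """\
192.168.0.23 - - [01/Jan/2026:10:00:00 +0000] "GET /goform/staKickOff?staMac=aa:bb:cc:dd:ee:ff HTTP/1.1" 200 12
203.0.113.7 - - [01/Jan/2026:10:00:05 +0000] "GET /goform/staKickOff?staMac=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1" 500 0
192.168.0.23 - - [01/Jan/2026:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 1024
192.168.0.50 - - [01/Jan/2026:10:00:12 +0000] "GET /goform/staKickOff?staMac=not-a-mac HTTP/1.1" 200 12
"""


def is_plausible_mac(value: str) -> bool:
    """True only for a value that is both short enough and shaped like a MAC."""
    return len(value) <= MAX_MAC_LEN and MAC_RE.match(value) is not None


def analyse_request(ip: str, target: str, trusted_nets) -> list:
    """Return a list of findings for one request; empty if nothing is suspicious."""
    findings = []
    parsed = urlparse(target)
    if KICKOFF_PATH_HINT not in parsed.path.lower():
        return findings  # not the handler this advisory is about

    # Compensating control: the admin interface should only see trusted sources.
    try:
        src = ipaddress.ip_address(ip)
        if not any(src in net for net in trusted_nets):
            findings.append("kick-off endpoint reached from untrusted source")
    except ValueError:
        findings.append("unparseable source address")

    # Monitoring: a staMac that cannot be a MAC address is not a legitimate request.
    for value in parse_qs(parsed.query, keep_blank_values=True).get("staMac", []):
        if len(value) > MAX_MAC_LEN:
            findings.append(f"staMac length {len(value)} exceeds {MAX_MAC_LEN}")
        elif not MAC_RE.match(value):
            findings.append("staMac is not a well-formed MAC address")
    return findings


def scan_log(text: str, trusted_cidrs=("192.168.0.0/24",)) -> list:
    """Scan log text; return (source_ip, status, findings) for each flagged request."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        findings = analyse_request(m["ip"], m["target"], trusted)
        if findings:
            alerts.append((m["ip"], m["status"], findings))
    return alerts


if __name__ == "__main__":
    for ip, status, findings in scan_log(SAMPLE_LOG):
        print(f"{ip} (HTTP {status}): " + "; ".join(findings))
```

Run against the constructed sample, the scanner reports the external request with the oversized 'staMac' and the internal request with a malformed one, and stays silent on the legitimate kick-off and the unrelated page fetch. The length bound is the useful signal here: a parameter that is documented as a MAC address has no legitimate reason to exceed 17 characters, so a length check at the reverse proxy or IDS catches the whole class of oversized inputs without needing to know the exact buffer size inside /bin/httpd.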

Exploitation status

Public Exploit Available: true

Analyst recommendation

This vulnerability is highly critical, and a public exploit is available. All Tenda W12 devices should be updated to the latest firmware immediately, and the web management interface should be isolated from the public internet.