A critical stack-based buffer overflow in the Tenda W12 web server allows remote, unauthenticated attackers to gain system control, with active exploitation observed in the wild.

This is a stack-based buffer overflow vulnerability located in the set_local_time_0 function of the /bin/httpd web server. The flaw stems from insufficient input validation of the 'Time' argument, allowing an unauthenticated remote attacker to overwrite stack memory.

The CVSS score of 8.8 (High) accurately reflects the significant risk this vulnerability poses to business operations. Successful exploitation can lead to full system compromise, unauthorized data access, and potential lateral movement within the network. The fact that this is a remote, unauthenticated exploit significantly increases the likelihood of a successful attack against exposed infrastructure.

Immediate Action: Update Tenda W12 firmware to the latest available version provided by the manufacturer. If an update is not yet available, restrict access to the web management interface to trusted internal networks only.

Proactive Monitoring: Review system and web server access logs for anomalous requests, particularly those containing long or malformed strings directed toward time-setting functions.

Compensating Controls: Implement a Web Application Firewall (WAF) to inspect and block malformed HTTP requests containing suspicious 'Time' parameter inputs.

Public Exploit Available: true

Given the confirmed active exploitation and the severity of this remote code execution vulnerability, immediate mitigation is required. Organizations using the affected Tenda W12 device should prioritize patching and ensure that management interfaces are not exposed to the public internet.