A vulnerability exists in the Tenda AC20 router, specifically in the function strcpy located in the /goform/SetFirewallCfg file. This vulnerability can be exploited through a remote attack by manipulating the firewallEn argument, leading to a stack-based buffer overflow. The exploit has been publicly disclosed, presenting significant risks to unsecured devices.
https://securityvulnerability.io/vulner ... -2025-8810