A stack-based buffer overflow vulnerability exists in Tenda AC21 routers, specifically within the /goform/SetSysTimeCfg file. This security flaw can be exploited remotely by manipulating the timeZone/time arguments. The exploit has been publicly disclosed and poses a serious risk, allowing attackers to potentially execute arbitrary code or disrupt the device's functionality.
https://securityvulnerability.io/vulner ... 2025-13446