the TIFF sends a code to whatever kernel or user vulnerability first. then overrides, then goes to ram.
which has been tried on all current firmware by more trusted people and has been determined as unusable.
also, IF you do have an exploit, current chickhen won't work on higher firmwares. you'd have to make a whole new one from scratch and code it for that firmware.