47 matches found
CVE-2022-38310
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg...
Tenda AC18 安全漏洞
Tenda AC18 is a router from Tenda China. A security vulnerability exists in Tenda AC18 version 15.03.05.05, which originates from an improper handling of the parameter mac in the strcpy function of the file /goform/GetParentControlInfo in the component HTTP Request Handler, which may result in a...
PT-2025-52552
Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.05 Description A flaw exists in the Tenda AC18 router that could allow for remote attacks. The issue is related to the sprintf function within the HTTP Request Handler component, specifically in the file...
CVE-2022-38312
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind...
CVE-2022-38313
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo...
CVE-2024-46628
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution RCE vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function...
CVE-2024-33835
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function...
Tenda AC18 安全漏洞
Tenda AC18 is a wireless router manufactured by Tenda. A stack overflow vulnerability exists in the formSetSafeWanWebMan function in Tenda AC18 version V15.03.05.05, which stems from improper handling of the remoteIp parameter. An attacker can exploit this vulnerability to remotely execute...
CVE-2024-32305
Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function...
PT-2024-23662 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A command injection issue exists, allowing attackers to execute arbitrary commands by constructing cmdinput parameters in the "/goform/exeCommand" API endpoint. Recommendations: For Tenda AC18 versi...
PT-2024-22457 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: The issue is related to a stack overflow vulnerability in the ssid parameter of the form fast setting wifi set function. This vulnerability can be exploited, potentially allowing unauthorized access...
PT-2024-22454 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: The issue concerns a command injection vulnerability. It is located in the deviceName parameter of the formsetUsbUnload function. Recommendations: For Tenda AC18 version 15.03.05.05, consider...
Tenda AC18 操作系统命令注入漏洞
Tenda AC18 is a router from Tenda, China. An OS command injection vulnerability exists in Tenda AC18 version 15.03.05.05, which originates from an OS command injection in the usbName parameter of the formSetSambaConf method on the /goform/setsambacfg page...
PT-2024-22455 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: The issue is a stack overflow vulnerability located in the firewallEn parameter of the formSetFirewallCfg function. This vulnerability can be exploited, potentially allowing unauthorized access or...
CVE-2024-2560
CVE-2024-2560 affects Tenda AC18 firmware 15.03.05.05: the fromSysToolRestoreSet function in /goform/SysToolRestoreSet is susceptible to cross-site request forgery. The vulnerability can be triggered remotely, and the exploit has been publicly disclosed. Vendor response is not documented in the s...
CVE-2024-2559
A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to t...
CVE-2024-2559 Tenda AC18 SysToolReboot fromSysToolReboot cross-site request forgery
A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to t...
CVE-2024-2559
CVE-2024-2559 describes a cross-site request forgery in the SysToolReboot function of the /goform/SysToolReboot path on the Tenda AC18 router with firmware 15.03.05.05. The issue allows remote-triggered CSRF by an attacker and has publicly disclosed exploit information, affecting the Tenda AC18 d...
CVE-2024-2558
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...
CVE-2024-2547
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the...