Lucene search
K

859 matches found

Cvelist
Cvelist
added 2025/12/21 4:2 a.m.19 views

CVE-2025-14992 Tenda AC18 HTTP Request GetParentControlInfo strcpy stack-based overflow

A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. Remote exploitation of the...

9CVSS0.00636EPSS
Exploits1References6
CVE
CVE
added 2025/12/21 4:2 a.m.13 views

CVE-2025-14992

CVE-2025-14992 affects Tenda AC18 firmware 15.03.05.05. The vulnerability is a stack-based overflow in the HTTP Request Handler’s GetParentControlInfo, caused by unsafe handling of the mac argument in strcpy. Remote exploitation is possible and exploits have been publicly disclosed. Public source...

9CVSS6.8AI score0.00636EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2025/12/21 12:0 a.m.4 views

Tenda AC18 安全漏洞

Tenda AC18 is a router from Tenda China. A security vulnerability exists in Tenda AC18 version 15.03.05.05, which originates from an improper handling of the parameter mac in the strcpy function of the file /goform/GetParentControlInfo in the component HTTP Request Handler, which may result in a...

9CVSS9.1AI score0.00636EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.3 views

PT-2025-53536

Уязвимость функции sprintf микропрограммного обеспечения маршрутизаторов Tenda AC18 связана с выходом операции за границы буфера в памяти при обработке параметра scanList. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код или вызвать отказ в...

9CVSS7.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52552

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.05 Description A flaw exists in the Tenda AC18 router that could allow for remote attacks. The issue is related to the sprintf function within the HTTP Request Handler component, specifically in the file...

9CVSS7.2AI score0.00671EPSS
Exploits1References19
CNVD
CNVD
added 2025/11/14 12:0 a.m.2 views

Tenda AC18 guestSsid Parameter Stack Buffer Overflow Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the /goform/WifiGuestSet interface guestSsid parameter fails to correctly...

8.8CVSS8.4AI score0.00632EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/14 12:0 a.m.3 views

Tenda AC18 ssid parameter cross-site scripting vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by th...

5.4CVSS6.5AI score0.00219EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/11 12:11 a.m.5 views

CVE-2025-63835

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to...

8.8CVSS8.2AI score0.00632EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/10 6:30 p.m.4 views

EUVD-2025-48944

A stored cross-site scripting XSS vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage...

5.5AI score0.00219EPSS
Exploits1References2
NVD
NVD
added 2025/11/10 5:15 p.m.9 views

CVE-2025-63835

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to...

8.8CVSS0.00632EPSS
Exploits1References1
OSV
OSV
added 2025/11/10 5:15 p.m.5 views

CVE-2025-63834

A stored cross-site scripting XSS vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage...

5.4CVSS5.8AI score0.00219EPSS
Exploits1References1
NVD
NVD
added 2025/11/10 5:15 p.m.6 views

CVE-2025-63834

A stored cross-site scripting XSS vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage...

5.4CVSS0.00219EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.10 views

PT-2025-46176

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.05 multi Description A stored cross-site scripting XSS issue exists in Tenda AC18. The issue is located in the ssid parameter within the wireless settings. An attacker can inject malicious payloads that will execute...

6.2AI score0.00219EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.12 views

PT-2025-46177

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.05 multi Description A stack-based buffer overflow issue exists in Tenda AC18 version 15.03.05.05 multi. The issue is located in the guestSsid parameter of the /goform/WifiGuestSet API endpoint. Sending oversized da...

8.2AI score0.00632EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.4 views

Tenda AC18 安全漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the /goform/WifiGuestSet interface guestSsid parameter fails to correctly...

8.8CVSS8.1AI score0.00632EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/10 12:0 a.m.3 views

CVE-2025-63835

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to...

8.2AI score0.00632EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.5 views

Tenda AC18 安全漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data by th...

5.4CVSS6.2AI score0.00219EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/10 12:0 a.m.3 views

CVE-2025-63834

A stored cross-site scripting XSS vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage...

5.6AI score0.00219EPSS
Exploits1References1
CVE
CVE
added 2025/11/10 12:0 a.m.16 views

CVE-2025-63834

CVE-2025-63834 concerns a stored cross-site scripting (XSS) in the Tenda AC18 router. Affected product: Tenda AC18 v15.03.05.05_multi. Vulnerable component: the ssid parameter in the wireless settings; root cause is inadequate input filtering/escaping of user-supplied data. Impact per sources: at...

5.4CVSS5.6AI score0.00219EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/11/10 12:0 a.m.8 views

CVE-2025-63835

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to...

0.00632EPSS
Exploits1References1
Rows per page
Query Builder