454 matches found
CVE-2025-11526
CVE-2025-11526 affects Tenda AC7 firmware 15.03.06.44. The flaw is a stack-based buffer overflow in /goform/WifiMacFilterSet caused by manipulating the wifi_chkHz argument. The vulnerability is exploitable remotely, with public exploits available. Affected component is the WifiMacFilterSet handli...
CVE-2025-11524
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11524
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11525
A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
EUVD-2025-33269
A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-11525
CVE-2025-11525 affects Tenda AC7 (firmware 15.03.06.44). The issue is a stack-based buffer overflow in the /goform/SetUpnpCfg handler caused by improper validation of the upnpEn parameter. Attackers can exploit remotely to execute arbitrary code or cause denial of service; public exploits/poC hav...
EUVD-2025-33268
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11524 Tenda AC7 SetDDNSCfg stack-based overflow
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11524 Tenda AC7 SetDDNSCfg stack-based overflow
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11524
CVE-2025-11524 affects Tenda AC7 routers (firmware 15.03.06.44). The defect is a stack-based buffer overflow in /goform/SetDDNSCfg via the ddnsEn parameter, enabling remote code execution (exploit published; PoC/attacks possible). Exploit maturity: PoC. Remediation: update to a newer firmware ver...
CVE-2025-11523 Tenda AC7 AdvSetLanip command injection
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11523 Tenda AC7 AdvSetLanip command injection
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
EUVD-2025-33259
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11523
The CVE-2025-11523 entry concerns Tenda AC7 15.03.06.44. The affected component is the AdvSetLanip handler, with the vulnerability arising from improper filtering/handling of the lanIp parameter in /goform/AdvSetLanip, enabling remote command injection. Public exploits exist and can be used to ac...
PT-2025-41332
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow exists due to manipulation of the wifi chkHz argument in the /goform/WifiMacFilterSet file. This issue can be triggered remotely. The exploit has been made public...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter wifichkHz in the file /goform/WifiMacFilterSet that fails to correctly validate the length of the input data, and can be...
PT-2025-41327
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow exists in Tenda AC7 version 15.03.06.44. The issue is due to the manipulation of the upnpEn parameter within the /goform/SetUpnpCfg file. This allows for remote...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter Password in the file /goform/fastsettingpppoeset that fails to correctly validate the length and size of the input data, and c...