CVE-2025-15254

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

EUVD-2025-205784

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2025-15254

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2025-15254

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2025-15254 Tenda W6-S ATE Service ate TendaAte os command injection

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2025-15254 Tenda W6-S ATE Service ate TendaAte os command injection

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

CVE-2025-15254

CVE-2025-15254 affects Tenda W6-S 1.0.0.4(510) ATE Service, specifically the TendaAte function in the /goform/ate file. The root cause is an input manipulation that enables an OS command injection. The vulnerability can be exploited remotely over the network, and the exploit has been publicly dis...

Tenda W6-S 操作系统命令注入漏洞

Tenda W6-S is a wireless access point device from Tenda China. An OS command injection vulnerability exists in Tenda W6-S version 1.0.0.4, which originates from an incorrect operation of the file /goform/ate in the component ATE Service, which could lead to os command injection...

PT-2025-54180

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

EUVD-2025-26135

Malicious code in bioql PyPI...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

PT-2025-35130

Name of the Vulnerable Software and Affected Versions Tenda AC10 versions 16.03.10.09 multi TDE01 Description An input validation flaw exists in the 'ate' service that allows for privilege escalation to root via a crafted UDP packet. Recommendations Update to a newer firmware version to address...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

CVE-2025-57220

CVE-2025-57220 describes an input validation flaw in the ate service of the Tenda AC10 v4.0 firmware (v16.03.10.09_multi_TDE01) that allows privilege escalation to root via a specially crafted UDP packet. Affected component is the ate service on the AC10, with network-based exploit potential (att...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

CVE-2025-46628

Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the 'ate' service when it is enabled. Authentication is not needed...

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...