113 matches found
CVE-2025-12212
A weakness has been identified in Tenda O3 1.0.0.102478. This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the...
CVE-2025-12210
A vulnerability was identified in Tenda O3 1.0.0.102478. Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is...
CVE-2025-12212
A weakness has been identified in Tenda O3 1.0.0.102478. This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the...
EUVD-2025-36079
A vulnerability was detected in Tenda O3 1.0.0.102478. This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and ma...
CVE-2025-12214
A vulnerability was detected in Tenda O3 1.0.0.102478. This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and...
CVE-2025-12214 Tenda O3 sysAutoReboot GetValue stack-based overflow
A vulnerability was detected in Tenda O3 1.0.0.102478. This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and...
CVE-2025-12212
A weakness has been identified in Tenda O3 1.0.0.102478. This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the...
CVE-2025-12212 Tenda O3 setNetworkService GetValue stack-based overflow
A weakness has been identified in Tenda O3 1.0.0.102478. This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the...
CVE-2025-12212
CVE-2025-12212 affects Tenda O3 1.0.0.10(2478). The vulnerability is in the SetValue/GetValue handling of /goform/setNetworkService, where improper validation of the upnpEn parameter leads to a stack-based buffer overflow. This can be triggered remotely and an exploit has been publicly released. ...
CVE-2025-12211 Tenda O3 setDmzInfo GetValue stack-based overflow
A security flaw has been discovered in Tenda O3 1.0.0.102478. Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-12211 Tenda O3 setDmzInfo GetValue stack-based overflow
A security flaw has been discovered in Tenda O3 1.0.0.102478. Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...
EUVD-2025-36069
A vulnerability was identified in Tenda O3 1.0.0.102478. Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is...
CVE-2025-12210
A vulnerability was identified in Tenda O3 1.0.0.102478. Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is...
CVE-2025-12210 Tenda O3 AdvSetLanip GetValue stack-based overflow
A vulnerability was identified in Tenda O3 1.0.0.102478. Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is...
CVE-2025-12209
CVE-2025-12209 affects Tenda O3 firmware 1.0.0.10(2478). The vulnerability lies in the SetValue/GetValue handlers of /goform/setDhcpConfig, where manipulating the dhcpEn argument can trigger a stack-based buffer overflow. This may be exploitable remotely and, according to multiple sources, an exp...
Tenda O3 安全漏洞
Tenda O3 is an outdoor wireless bridge from Tenda, China. The Tenda O3 suffers from a buffer overflow vulnerability that stems from the failure of the parameter enable of the SetValue/GetValue function in the file /goform/sysAutoReboot to correctly validate the length of the input data, which can...
EUVD-2022-28921
Malicious code in bioql PyPI...
EUVD-2023-34790
Malicious code in bioql PyPI...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via improper access control in the getValue for objects. An attacker can gain unauthorized access to, create, edit, or relate data and object entries or definitions across different virtu...
Apache Commons OGNL Arbitrary Code Execution Vulnerability
Apache Commons OGNL is a Java library from the American Apache Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrectly filtering input parameters, and can be exploited by a remote attacker to submit a special request, which can be...