CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-57569

Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT...

CVE-2025-10172 UTT 750W formPictureUrl buffer overflow

A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...

PT-2025-36969

Name of the Vulnerable Software and Affected Versions: UTT 1200GW versions prior to 3.0.0-170831 Description: A security issue has been identified in UTT 1200GW. Manipulation of the loadBalanceNameOld argument in the sub 4B48F8 function within the /goform/formApLbConfig file can lead to a buffer...

Tenda CH22 安全漏洞

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...

PT-2025-35536

Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1 Description: A buffer overflow issue exists in the formexeCommand function of the /goform/exeCommand file. Manipulation of the cmdinput argument can lead to a buffer overflow, potentially allowing for remote...

Tenda CH22 安全漏洞

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 has a buffer overflow vulnerability, the vulnerability stems from the parameter ipsecno in the file /goform/IPSECsave fails to correctly validate the length of the input data size, an attacker can use this vulnerabilit...

CVE-2025-9528

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly...

CVE-2025-9605 Tenda AC21/AC23 GetParentControlInfo stack-based overflow

A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...

CVE-2025-9527 Linksys E1700 QoSSetup stack-based overflow

A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ackpolicy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be...

CVE-2025-9483

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 (firmware up to 1.2.07.001) are affected by a stack-based buffer overflow in the singlePortForwardAdd function at /goform/singlePortForwardAdd. This allows remote code execution with root access by manipulating ruleName/schedule/inboundFilter. An ...

CVE-2025-9481

The CVE-2025-9481 entry concerns Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 devices. Affected component: the function setIpv6 in /goform/setIpv6. Root cause: manipulation of the tunrd_Prefix argument leads to a stack-based buffer overflow. Impact: remote exploitation is possible (high impa...

CVE-2025-9361

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function ipRangeBlockManageRule of the file /goform/ipRangeBlockManageRule. Performing manipulation of the argument...

CVE-2025-9360

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function accessControlAdd of the file /goform/accessControlAdd. Such manipulation of the argument ruleName/schedule lead...

CVE-2025-9393

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument...

CVE-2025-9392

The CVE-2025-9392 entry concerns Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 devices. The vulnerability is in the qosClassifier function of /goform/qosClassifier, where improper manipulation of dir, sFromPort, sToPort, dFromPort, dToPort, protocol, layer7, dscp, and remark_dscp arguments le...

PT-2025-34568 · Linksys · Linksys Re6250 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A security vulnerability exists in the Linksys RE series of range extenders. Manipulation of the dir, sFromPort, sToPort, dFromPort...

CVE-2025-9362

CVE-2025-9362 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 (versions listed in PT-2025-34529). A stack-based overflow exists in urlFilterManageRule (/goform/urlFilterManageRule): manipulating urlFilterRuleName, scheduleUrl, or addURLFilter can trigger the overflow. The vulnerability ...

CVE-2025-9362 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 urlFilterManageRule stack-based overflow

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument...

CVE-2025-9359

The CVE-2025-9359 entry describes a stack-based buffer overflow in Linksys RP_checkCredentialsByBBS (file path /goform/RP_checkCredentialsByBBS) triggered by manipulating the ssidhex/pwd arguments. Affected devices are Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 with firmware versions 1.0.0...