Lucene search
K

271 matches found

NVD
NVD
added 2025/09/22 9:15 p.m.6 views

CVE-2025-10815

A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. T...

9CVSS0.00767EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/15 11:2 a.m.12 views

CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

6.5CVSS0.08317EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/09/10 12:0 a.m.10 views

CVE-2025-57569

Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT...

6.6AI score0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 11:2 p.m.2 views

CVE-2025-10172 UTT 750W formPictureUrl buffer overflow

A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...

9CVSS6.4AI score0.00995EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.4 views

PT-2025-36969

Name of the Vulnerable Software and Affected Versions: UTT 1200GW versions prior to 3.0.0-170831 Description: A security issue has been identified in UTT 1200GW. Manipulation of the loadBalanceNameOld argument in the sub 4B48F8 function within the /goform/formApLbConfig file can lead to a buffer...

9CVSS8.7AI score0.00995EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/09/02 12:0 a.m.3 views

Tenda CH22 安全漏洞

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...

9CVSS8.2AI score0.00595EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.6 views

PT-2025-35536

Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1 Description: A buffer overflow issue exists in the formexeCommand function of the /goform/exeCommand file. Manipulation of the cmdinput argument can lead to a buffer overflow, potentially allowing for remote...

9CVSS8.9AI score0.00595EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/08/31 12:0 a.m.4 views

Tenda CH22 安全漏洞

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 has a buffer overflow vulnerability, the vulnerability stems from the parameter ipsecno in the file /goform/IPSECsave fails to correctly validate the length of the input data size, an attacker can use this vulnerabilit...

9.8CVSS8.2AI score0.00761EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/08/30 6:21 p.m.4 views

CVE-2025-9528

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5AI score0.50053EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/29 2:2 a.m.10 views

CVE-2025-9605 Tenda AC21/AC23 GetParentControlInfo stack-based overflow

A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...

10CVSS0.01013EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/08/27 1:2 p.m.3 views

CVE-2025-9527 Linksys E1700 QoSSetup stack-based overflow

A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ackpolicy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be...

9CVSS7.2AI score0.01322EPSS
Exploits1References6
CVE
CVE
added 2025/08/26 2:2 p.m.25 views

CVE-2025-9483

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 (firmware up to 1.2.07.001) are affected by a stack-based buffer overflow in the singlePortForwardAdd function at /goform/singlePortForwardAdd. This allows remote code execution with root access by manipulating ruleName/schedule/inboundFilter. An ...

9CVSS8.7AI score0.009EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2025/08/26 1:32 p.m.19 views

CVE-2025-9481

The CVE-2025-9481 entry concerns Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 devices. Affected component: the function setIpv6 in /goform/setIpv6. Root cause: manipulation of the tunrd_Prefix argument leads to a stack-based buffer overflow. Impact: remote exploitation is possible (high impa...

9CVSS8.9AI score0.01253EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/25 12:27 p.m.4 views

CVE-2025-9361

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function ipRangeBlockManageRule of the file /goform/ipRangeBlockManageRule. Performing manipulation of the argument...

9CVSS7.3AI score0.0087EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/25 11:14 a.m.6 views

CVE-2025-9360

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function accessControlAdd of the file /goform/accessControlAdd. Such manipulation of the argument ruleName/schedule lead...

9CVSS7.4AI score0.01121EPSS
Exploits1References1
NVD
NVD
added 2025/08/24 4:15 p.m.6 views

CVE-2025-9393

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument...

9CVSS0.00871EPSS
Exploits1References6
CVE
CVE
added 2025/08/24 3:2 p.m.25 views

CVE-2025-9392

The CVE-2025-9392 entry concerns Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 devices. The vulnerability is in the qosClassifier function of /goform/qosClassifier, where improper manipulation of dir, sFromPort, sToPort, dFromPort, dToPort, protocol, layer7, dscp, and remark_dscp arguments le...

9CVSS8.8AI score0.03703EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/24 12:0 a.m.5 views

PT-2025-34568 · Linksys · Linksys Re6250 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A security vulnerability exists in the Linksys RE series of range extenders. Manipulation of the dir, sFromPort, sToPort, dFromPort...

9CVSS8.9AI score0.03703EPSS
Exploits1References15
Cvelist
Cvelist
added 2025/08/23 1:32 p.m.12 views

CVE-2025-9362 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 urlFilterManageRule stack-based overflow

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument...

6.5CVSS0.00514EPSS
Exploits1References5
CVE
CVE
added 2025/08/23 1:32 p.m.19 views

CVE-2025-9362

CVE-2025-9362 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 (versions listed in PT-2025-34529). A stack-based overflow exists in urlFilterManageRule (/goform/urlFilterManageRule): manipulating urlFilterRuleName, scheduleUrl, or addURLFilter can trigger the overflow. The vulnerability ...

8.8CVSS6.5AI score0.00514EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder