Lucene search
K

78 matches found

Vulnrichment
Vulnrichment
added 2025/09/15 11:2 a.m.8 views

CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

6.5CVSS6.8AI score0.08317EPSS
Exploits1References7
CVE
CVE
added 2025/09/15 11:2 a.m.28 views

CVE-2025-10442

CVE-2025-10442 affects Tenda AC9 and AC15 with firmware 15.03.05.14. The vulnerability is in the function formexeCommand of /goform/exeCommand, where unsanitized cmdinput leads to OS command injection. Remote exploitation is possible and the exploit has been publicly disclosed. Affected devices c...

8.8CVSS6.6AI score0.08317EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.3 views

Tenda AC9和Tenda AC15 安全漏洞

The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda China. A security vulnerability exists in Tenda AC9 and Tenda AC15 versions 15.03.05.14 and 15.03.05.18, which originates from an incorrect manipulation of the parameter cmdinput in the file /goform/exeCommand, which could result i...

9CVSS9AI score0.03706EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.3 views

Tenda AC9和Tenda AC15 操作系统命令注入漏洞

The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda, a Chinese company. An OS command injection vulnerability exists in Tenda AC9 and Tenda AC15 version 15.03.05.14. The vulnerability stems from the incorrect operation of the function formexeCommand in the file /goform/exeCommand on...

8.8CVSS7AI score0.08317EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/09/04 3:24 a.m.7 views

CVE-2025-9812

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...

9CVSS7.1AI score0.00595EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/04 12:0 a.m.3 views

Tenda CH22 /goform/exeCommand File Buffer Overflow Vulnerability

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...

9CVSS9.2AI score0.00595EPSS
Exploits0References1
NVD
NVD
added 2025/09/02 3:15 a.m.3 views

CVE-2025-9812

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...

9CVSS0.00595EPSS
Exploits0References5
OSV
OSV
added 2025/09/02 3:15 a.m.2 views

CVE-2025-9812

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...

8.7CVSS6.3AI score
Exploits0References5
Cvelist
Cvelist
added 2025/09/02 3:2 a.m.5 views

CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...

9CVSS0.00595EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/02 3:2 a.m.2 views

CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...

9CVSS8.8AI score0.00595EPSS
Exploits0References5
CVE
CVE
added 2025/09/02 3:2 a.m.22 views

CVE-2025-9812

The CVE-2025-9812 entry concerns Tenda CH22 (v1.0.0.1). The vulnerability is in the /goform/exeCommand flow, specifically the formexeCommand function, where unsafely processed input cmdinput can cause a buffer overflow. This could enable remote exploitation, with public disclosure noted in the so...

9CVSS8.7AI score0.00595EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/07/25 10:15 p.m.21 views

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

9.8CVSS0.04571EPSS
Exploits0References1
OSV
OSV
added 2024/07/25 10:15 p.m.3 views

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

9.8CVSS5.8AI score0.04571EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/25 12:0 a.m.16 views

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

8AI score0.04571EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/25 12:0 a.m.17 views

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

0.04571EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/25 12:0 a.m.5 views

Tenda FH1201 安全漏洞

The Tenda FH1201 is a wireless router from Tenda China. The Tenda FH1201 suffers from a command injection vulnerability, which originates from the cmdinput parameter at /goform/exeCommand failing to correctly filter constructed command special characters, commands, etc. This vulnerability can be...

9.8CVSS8.1AI score0.04571EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/05/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2022-35555

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.94122, which allows attackers to construct cmdinput parameters for arbitrary command execution...

9.8CVSS5.9AI score0.24952EPSS
Exploits1References1
NVD
NVD
added 2024/05/14 3:39 p.m.17 views

CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

8.8CVSS7.4AI score0.009EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.3 views

Tenda FH1206 安全漏洞

The Tenda FH1206 is a wireless router from Tenda China. The Tenda FH1206 suffers from a buffer overflow vulnerability that originates from the funcpara1 parameter in ip/goform/exeCommand that fails to properly validate the length of the input data, which can be exploited by an attacker to execute...

8.8CVSS8.2AI score0.009EPSS
Exploits1References3
CVE
CVE
added 2024/05/10 12:52 p.m.66 views

CVE-2024-34942

Tenda FH1206 router (firmware 1.2.0.8(8155) EN) contains a stack-based buffer overflow in the ip/goform/exeCommand endpoint, triggered by the funcpara1 parameter. This could allow arbitrary code execution or a denial of service. Exploitation status is not provided in the documents; no exploit det...

8.8CVSS7.7AI score0.009EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder