78 matches found
CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection
A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...
CVE-2025-10442
CVE-2025-10442 affects Tenda AC9 and AC15 with firmware 15.03.05.14. The vulnerability is in the function formexeCommand of /goform/exeCommand, where unsanitized cmdinput leads to OS command injection. Remote exploitation is possible and the exploit has been publicly disclosed. Affected devices c...
Tenda AC9和Tenda AC15 安全漏洞
The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda China. A security vulnerability exists in Tenda AC9 and Tenda AC15 versions 15.03.05.14 and 15.03.05.18, which originates from an incorrect manipulation of the parameter cmdinput in the file /goform/exeCommand, which could result i...
Tenda AC9和Tenda AC15 操作系统命令注入漏洞
The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda, a Chinese company. An OS command injection vulnerability exists in Tenda AC9 and Tenda AC15 version 15.03.05.14. The vulnerability stems from the incorrect operation of the function formexeCommand in the file /goform/exeCommand on...
CVE-2025-9812
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
Tenda CH22 /goform/exeCommand File Buffer Overflow Vulnerability
Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...
CVE-2025-9812
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
CVE-2025-9812
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
CVE-2025-9812
The CVE-2025-9812 entry concerns Tenda CH22 (v1.0.0.1). The vulnerability is in the /goform/exeCommand flow, specifically the formexeCommand function, where unsafely processed input cmdinput can cause a buffer overflow. This could enable remote exploitation, with public disclosure noted in the so...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
Tenda FH1201 安全漏洞
The Tenda FH1201 is a wireless router from Tenda China. The Tenda FH1201 suffers from a command injection vulnerability, which originates from the cmdinput parameter at /goform/exeCommand failing to correctly filter constructed command special characters, commands, etc. This vulnerability can be...
VulnCheck KEV: CVE-2022-35555
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.94122, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2024-34942
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...
Tenda FH1206 安全漏洞
The Tenda FH1206 is a wireless router from Tenda China. The Tenda FH1206 suffers from a buffer overflow vulnerability that originates from the funcpara1 parameter in ip/goform/exeCommand that fails to properly validate the length of the input data, which can be exploited by an attacker to execute...
CVE-2024-34942
Tenda FH1206 router (firmware 1.2.0.8(8155) EN) contains a stack-based buffer overflow in the ip/goform/exeCommand endpoint, triggered by the funcpara1 parameter. This could allow arbitrary code execution or a denial of service. Exploitation status is not provided in the documents; no exploit det...