EUVD-2026-25898

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

CVE-2026-6199

A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-3728 Tenda F453 setcfm fromSetCfm stack-based overflow

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-70219

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot...

CVE-2025-24496

CVE-2025-24496 affects Tenda AC6 V5.0 V02.03.01.110. The information-disclosure flaw resides in /goform/getproductInfo; Talos notes an authentication bypass when requesting this URL, allowing a non-authenticated retrieval of module data via the generic getter, potentially exposing configuration d...

H3C Magic R200 缓冲区错误漏洞

The H3C Magic R200 is a router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic R200 R200V100R004 version, which stems from the discovery of a stack overflow vulnerability contained via the SetMobileAPInfoById interface of /goform/aspForm...

CVE-2022-34601

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm...