CVE-2026-5989

A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2026-7418

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...

Tenda F456 缓冲区错误漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a buffer error vulnerability. This vulnerability stems from improper handling of the page parameter in the fromRouteStatic function within the/goform/RouteStatic file, which may...

EUVD-2026-19543

A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released...

CVE-2026-5686

Summary: CVE-2026-5686 affects Tenda CX12L 16.03.53.12. The vulnerability targets the function fromRouteStatic in the file /goform/RouteStatic, where manipulating the argument page causes a stack-based buffer overflow. Exploitation can be performed remotely, and a public exploit has been released...

CVE-2026-5686

A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released...

Tenda CX12L 安全漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/RouteStatic, which may lead to a stack buffer overfl...

EUVD-2026-8518

A vulnerability was identified in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly availabl...

CVE-2026-3166 Tenda F453 httpd RouteStatic fromRouteStatic buffer overflow

A vulnerability was identified in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly availabl...

CVE-2025-12271

A vulnerability was identified in Tenda CH22 1.0.0.1. This affects the function fromRouteStatic of the file /goform/RouteStatic. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2025-12271 Tenda CH22 RouteStatic fromRouteStatic buffer overflow

A vulnerability was identified in Tenda CH22 1.0.0.1. This affects the function fromRouteStatic of the file /goform/RouteStatic. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

Tenda FH1201 安全漏洞

The Tenda FH1201 is a wireless router from Tenda China. The Tenda FH1201 suffers from a buffer overflow vulnerability that stems from the entries parameter of ip/goform/RouteStatic containing a stack-based buffer overflow vulnerability. No detailed vulnerability details are provided at this time...

PT-2018-3884 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists in the handler function of the "/goform/NTPSyncWithHost" route, where an HTTP request parameter is used in command string construction. This could lead to command injection via...