Lucene search
K

59 matches found

NVD
NVD
added 2025/08/28 7:15 p.m.6 views

CVE-2025-9580

A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...

8.8CVSS0.06729EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/16 12:16 a.m.19 views

CVE-2025-43984

An issue was discovered on KuWFi GC111 devices Hardware Version: CPE-LM321V3.2, Software Version: GC111-GL-LM321V3.020191211. They are vulnerable to unauthenticated /goform/goformsetcmdprocess requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary...

9.8CVSS8.5AI score0.18231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/15 8:32 a.m.5 views

CVE-2025-9023 Tenda AC7/AC18 SetLEDCfg formSetSchedLed buffer overflow

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

9CVSS7.3AI score0.00739EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.8 views

PT-2025-33282 · Kuwfi · Kuwfi Gc111

Name of the Vulnerable Software and Affected Versions: KuWFi GC111 versions GC111-GL-LM321 V3.0 20191211 Description: The KuWFi GC111 device is susceptible to unauthorized command execution. A crafted POST request to the /goform/goform set cmd process API endpoint, utilizing the SSID parameter,...

9.8CVSS7.8AI score0.18231EPSS
Exploits0References6
CVE
CVE
added 2025/08/14 12:0 a.m.21 views

CVE-2025-43983

CVE-2025-43983 affects KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices. The vulnerability set involves unauthenticated access to goform/goform_set_cmd_process and goform/goform_get_cmd_process, enabling an attacker to retrieve sensitive information (including the admin username/password), modify cri...

9.1CVSS7.4AI score0.00357EPSS
Exploits0References3
CVE
CVE
added 2025/08/14 12:0 a.m.18 views

CVE-2025-43984

CVE-2025-43984 affects KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2; Software Version: GC111-GL-LM321_V3.0_20191211). An unauthenticated POST to the endpoint /goform/goform_set_cmd_process , using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root priv...

9.8CVSS8.5AI score0.18231EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.9 views

The vulnerability of the fromPingResultGet() function (/goform/setPing) in the Tenda O3 wireless access point software allows a hacker to execute arbitrary code or cause service failure.

The vulnerability of the fromPingResultGet /goform/setPing function in the Tenda O3 wireless access point software lies in the issue of the operation going beyond the buffer in memory when processing the destIP parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code ...

9CVSS8.3AI score0.00761EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.8 views

The vulnerability of the /goform/SetStaticRouteCfg component in the Tenda TX3 router software, which involves copying buffers without checking the size of the input data, allows an attacker to compromise the accessibility of protected information.

The vulnerability of the /goform/SetStaticRouteCfg component in the Tenda TX3 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

6.8CVSS6.6AI score0.00786EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.6 views

Tenda W18E 安全漏洞

The Tenda W18E is a wireless router from the Chinese company Tenda. A stack overflow vulnerability exists in the Tenda W18E /goform/setModules handling of the wifiPwd parameter, which can be exploited by an attacker to submit a special request that can crash the application and cause a denial of...

6.5CVSS7AI score0.0046EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/02/23 12:0 a.m.8 views

PT-2025-7675 · Lb Link · Lb-Link Ac1900 Router

Name of the Vulnerable Software and Affected Versions: LB-LINK AC1900 Router version 1.0.2 Description: The issue concerns an os command injection vulnerability, specifically affecting the /goform/set blacklist endpoint, where the mac and enable variables are involved. Recommendations: For LB-LIN...

6.5CVSS6.8AI score0.13115EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.7 views

Tenda O4 安全漏洞

Tenda O4 is a router product from Tenda. The Tenda O4 /goform/setMacFilterList handles a buffer overflow vulnerability in the SafeSetMacFilter parameter, which can be exploited by a remote attacker to submit a special request that can crash the application and execute arbitrary code in the...

9.8CVSS8.2AI score0.00415EPSS
Exploits0References1
OSV
OSV
added 2024/07/19 3:15 p.m.5 views

CVE-2024-39962

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21D240126 was discovered to contain a remote code execution RCE vulnerability in the ntpzoneval parameter at /goform/setntp. This vulnerability is exploited via a crafted HTTP request...

9.8CVSS6.3AI score0.02057EPSS
Exploits1References1
OSV
OSV
added 2023/12/07 4:15 p.m.3 views

CVE-2023-49429

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules...

9.8CVSS5.9AI score0.02411EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/08/24 12:0 a.m.6 views

Tenda AC8 缓冲区错误漏洞

Tenda AC8 is a dual-band Gigabit wireless router from Tenda, designed for fiber optic homes up to 1000 megabytes, supporting dual-band concurrent transmission rates up to 1167Mbps, equipped with full Gigabit ports 1 WAN port + 3 LAN ports for 100-1000 megabit broadband access. Tenda AC8 suffers...

9.8CVSS8.2AI score0.00776EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/07/31 12:0 a.m.5 views

Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G 跨站请求伪造漏洞

The Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G is a mobile network wireless router from Guangzhou Tozed Kangwei Intelligent Technology. A security vulnerability exists in the Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G S10G3.11.6, which allows an attacker to take over a user'...

8.8CVSS8AI score0.00319EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/03/26 12:0 a.m.4 views

多款LB-LINK产品命令注入漏洞

LB-LINK BL-AC1900 and others are a wireless router from China Bilink LB-LINK. A security vulnerability exists in LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8, which originates from the use of the mac, time1, and time1 in the /goform/se...

9.8CVSS8.8AI score0.69663EPSS
Exploits1References2
OSV
OSV
added 2022/12/20 3:15 p.m.4 views

CVE-2022-46535

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState...

7.5CVSS6.2AI score0.00815EPSS
Exploits1References1
OSV
OSV
added 2022/10/19 7:15 p.m.4 views

CVE-2022-43027

Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg...

9.8CVSS5.9AI score0.00755EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/07 12:0 a.m.5 views

Tenda AC18 缓冲区错误漏洞

The Tenda AC18 is a router from the Chinese company Tenda. A security vulnerability exists in the Tenda AC18 Router version v15.03.05.19 and v15.03.05.05, which originates from a discovery containing a stack overflow via the list parameter of /goform/SetVirtualServerCfg...

9.8CVSS8.4AI score0.00973EPSS
Exploits1References2
Rows per page
Query Builder