EUVD-2025-204979

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

📄 Varnish / Styx HTTP Request Smuggling

Proof of concept exploit that demonstrates an HTTP request smuggling vulnerability between Varnish and Styx / Nginx. ============================================================================================================================================= | Title : HTTP Request Smuggling TE.CL...

PT-2025-53325

Name of the Vulnerable Software and Affected Versions V-SOL GPON/EPON OLT Platform version 2.03 Description The software contains an information disclosure issue that allows unauthorized access to configuration files. Attackers can obtain sensitive configuration data by sending HTTP GET requests ...

CVE-2025-15048

CVE-2025-15048 affects Tenda WH450 (v1.0.0.18). The vulnerability is in the HTTP Request Handler’s /goform/CheckTools, where tampering with the ipaddress argument enables remote command injection. Exploitation has been publicly disclosed and PoC/materials exist in multiple references; impact is d...

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15048 Tenda WH450 HTTP Request CheckTools command injection

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15047

A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown function of the file /goform/PPTPDClient of the component HTTP Request Handler. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

CVE-2025-15046

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

CVE-2025-15047

A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown function of the file /goform/PPTPDClient of the component HTTP Request Handler. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

CVE-2025-15046

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

CVE-2025-15046

CVE-2025-15046 affects Tenda WH450 (firmware 1.0.0.18). The vulnerability lies in the HTTP Request Handler’s /goform/PPTPClient function, where manipulating the netmsk argument causes a stack-based buffer overflow. It can be exploited remotely, and public PoCs/exploits are described in the cited ...

CVE-2025-15046 Tenda WH450 HTTP Request PPTPClient stack-based overflow

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

CVE-2025-15045 Tenda WH450 HTTP Request Natlimit stack-based overflow

A flaw has been found in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/Natlimit of the component HTTP Request Handler. This manipulation of the argument page causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-15045

CVE-2025-15045 affects Tenda WH450 1.0.0.18. The vulnerability lies in the HTTP Request Handler’s Natlimit function, where manipulating the page argument triggers a stack-based buffer overflow. The flaw allows remote initiation and, per sources, an exploit has been published and may be used. Seve...

CVE-2025-15007

A security vulnerability has been detected in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/L7Im of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely...

Tenda WH450 安全漏洞

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in Tenda WH450 version 1.0.0.18, which originates from an incorrect manipulation of the parameter Username in the file/goform/PPTPDClient of the component HTTP Request Handler, which could result in a stack...

Tenda WH450 安全漏洞

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in Tenda WH450 version 1.0.0.18, which originates from an incorrect manipulation of the parameter netmsk in the file/goform/PPTPClient of the component HTTP Request Handler, which may result in a stack buffer...

Tenda WH450 安全漏洞

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in Tenda WH450 version 1.0.0.18, which originates from an incorrect manipulation of the parameter page in the file/goform/Natlimit of the component HTTP Request Handler, which could result in a stack buffer...

EUVD-2025-204683

A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public...

CVE-2025-15008

CVE-2025-15008 affects Tenda WH450 1.0.0.18. The vulnerability is a stack-based overflow in the HTTP Request Handler’s /goform/L7Port file, triggered by manipulating the page argument. This can be exploited remotely and, per sources, the exploit is public. Multiple connected feeds confirm the aff...