Lucene search
K

321 matches found

NVD
NVD
added 2025/12/23 11:15 p.m.5 views

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

9.8CVSS0.11343EPSS
Exploits1References6
OSV
OSV
added 2025/12/23 11:15 p.m.5 views

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

9.8CVSS5.7AI score0.11343EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/12/23 10:32 p.m.136 views

CVE-2025-15048 Tenda WH450 HTTP Request CheckTools command injection

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

7.5CVSS0.11343EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2025/12/23 10:32 p.m.3 views

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

9.8CVSS5.4AI score0.11343EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/23 1:31 a.m.11 views

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

10CVSS9.5AI score0.0083EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.8 views

PT-2025-52857

Name of the Vulnerable Software and Affected Versions Tenda WH450 version 1.0.0.18 Description A flaw exists in the Tenda WH450 device. This issue affects an unspecified function within the HTTP Request Handler component, specifically related to the file '/goform/CheckTools'. Manipulation of the...

9.8CVSS6.7AI score0.11343EPSS
Exploits1References10
NVD
NVD
added 2025/12/22 2:16 a.m.8 views

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

10CVSS0.0083EPSS
Exploits1References6
OSV
OSV
added 2025/12/22 2:16 a.m.4 views

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

9.3CVSS6.5AI score0.0083EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/22 1:2 a.m.3 views

CVE-2025-15006 Tenda WH450 HTTP Request CheckTools stack-based overflow

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

10CVSS9.5AI score0.0083EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2025/12/22 1:2 a.m.2 views

CVE-2025-15006

A weakness has been identified in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknown functionality of the file /goform/CheckTools of the component HTTP Request Handler. This manipulation of the argument ipaddress causes stack-based buffer overflow. The attack can be initiated...

10CVSS6.3AI score0.0083EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/12/22 1:2 a.m.20 views

CVE-2025-15006

CVE-2025-15006 affects Tenda WH450 1.0.0.18. The vulnerability stems from the HTTP Request Handler in /goform/CheckTools, where manipulating the ipaddress argument triggers a stack-based buffer overflow. It is remotely exploitable and, per multiple sources, the public PoC/exploit is available. Af...

10CVSS9.5AI score0.0083EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.5 views

PT-2025-52619

Name of the Vulnerable Software and Affected Versions Tenda WH450 version 1.0.0.18 Description A weakness exists in the Tenda WH450 device. The issue is a stack-based buffer overflow within the HTTP Request Handler component, specifically related to the file '/goform/CheckTools'. Manipulation of...

10CVSS6.9AI score0.0083EPSS
Exploits1References16
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.6 views

Tenda WH450 安全漏洞

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in the Tenda WH450 version 1.0.0.18, which originates from the incorrect operation of the parameter ipaddress in the file /goform/CheckTools, and could result in a stack buffer overflow...

10CVSS9.7AI score0.0083EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/11/14 12:1 a.m.3 views

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

6.5CVSS8.2AI score0.03526EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/14 12:1 a.m.4 views

CVE-2025-60688

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619B20230130 and NR1800X V9.1.0u.6681B20230703 Router firmware within the cstecgi.cgi binary setDefResponse function. The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack...

6.5CVSS8.2AI score0.00518EPSS
Exploits1References1
NVD
NVD
added 2025/11/13 7:15 p.m.3 views

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

6.5CVSS0.03526EPSS
Exploits1References3
EUVD
EUVD
added 2025/11/13 6:31 p.m.4 views

EUVD-2025-175304

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619B20230130 and NR1800X V9.1.0u.6681B20230703 Router firmware within the cstecgi.cgi binary setDefResponse function. The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack...

6.5CVSS7.7AI score0.00518EPSS
Exploits1References4
NVD
NVD
added 2025/11/13 6:15 p.m.8 views

CVE-2025-60698

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvramsafeset"SysLogRemoteIPAddress", .... These values are...

7.3CVSS0.03929EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/13 12:0 a.m.5 views

CVE-2025-60676

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

8AI score0.03492EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.9 views

D-Link DIR-878 安全漏洞

The D-Link DIR-878 is a wireless router from China AUO D-Link. A security vulnerability exists in the D-Link DIR-878 version A1FW101B04.bin, which originates from an unvalidated IPAddress parameter in the SetDMZSettings function, which could lead to remote command execution...

6.5CVSS7.1AI score0.03526EPSS
Exploits1References5
Rows per page
Query Builder