Lucene search
K

355 matches found

RedhatCVE
RedhatCVE
added 2026/03/31 10:58 p.m.5 views

CVE-2026-5153

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS6.4AI score0.03EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/31 12:31 a.m.4 views

EUVD-2026-17243

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS5.7AI score0.03EPSS
Exploits1References6
NVD
NVD
added 2026/03/30 10:16 p.m.4 views

CVE-2026-5153

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

8.8CVSS0.03EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/30 9:30 p.m.1 views

CVE-2026-5153 Tenda CH22 WriteFacMac FormWriteFacMac command injection

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS5.7AI score0.03EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.14 views

Tenda CH22 命令注入漏洞

The Tenda CH22 is a network device produced by the Chinese company Tenda. Version 1.0.0.1 of the Tenda CH22 contains a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “mac” in the function FormWriteFacMac defined in the file/goform/WriteFacMac,...

8.8CVSS6.6AI score0.03EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.4 views

PT-2026-29131

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS5.7AI score0.03EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.8 views

CVE-2026-4554

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

6.5CVSS6.4AI score0.03411EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/22 4:51 p.m.7 views

CVE-2026-4554 Tenda F453 WriteFacMac FormWriteFacMac privilege escalation

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

6.5CVSS6.4AI score0.03411EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/22 12:0 a.m.13 views

PT-2026-27019

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

6.5CVSS6.4AI score0.03411EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/03/22 12:0 a.m.6 views

Tenda F453 命令注入漏洞

The Tenda F453 is a wireless router produced by the Chinese company Tenda. The Tenda F453 1.0.0.3 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “mac” in the file/goform/WriteFacMac, which may lead to command injection...

8.8CVSS6.6AI score0.03411EPSS
Exploits1References5
OSV
OSV
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25421

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

5.1CVSS6AI score0.00399EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/19 12:2 p.m.4 views

CVE-2019-25421

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

6.1CVSS5.8AI score0.00399EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 12:0 a.m.4 views

CVE-2025-69674

Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7P161006 Build.0333.250211 allows an attacker to execute arbitrary code via the nodemac, nodeopt, optparam, and domainblk parameters of the meshnodeconfig and domiainblkconfig modules...

6AI score0.00205EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.8 views

PT-2026-20824

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

6.1CVSS5.8AI score0.00399EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2026/02/13 12:0 a.m.434 views

📄 OpenSSL 3.x PKCS#12 PBMAC1 KeyLength Buffer Overflow

This proof of concept demonstrates a buffer overflow vulnerability in OpenSSL versions 3.4 to 3.6 related to improper handling of the PBMAC1 keyLength parameter in PKCS12 files. By crafting a malicious PKCS12 structure with an excessively large keyLength value, the proof of concept triggers a...

9.8CVSS6.4AI score0.47621EPSS
Exploits7
RedhatCVE
RedhatCVE
added 2026/02/08 1:3 p.m.7 views

CVE-2026-2082

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

7.2CVSS5AI score0.0491EPSS
Exploits1References1
NVD
NVD
added 2026/02/07 10:15 a.m.7 views

CVE-2026-2082

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

7.2CVSS0.0491EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.7 views

D-Link DIR-615: Operating System Command Injection Vulnerability

The D-Link DIR-615 is a wireless router produced by D-Link Corporation. Version 4.10 of the D-Link DIR-615 contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the parameter “mac” in the file /advmacfilter.php, which may lead ...

8.6CVSS5.8AI score0.05071EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.5 views

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

6.1CVSS6.9AI score0.00515EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/16 12:24 a.m.12 views

CVE-2025-70656

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub65B5C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.00311EPSS
Exploits1References1
Rows per page
Query Builder