CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2025/07/12 11:2 p.m.•8 views

CVE-2025-7506 Tenda FH451 HTTP POST Request Natlimit fromNatlimit stack-based overflow

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...

9CVSS0.00775EPSS

OSV•added 2025/07/12 9:15 a.m.•3 views

CVE-2025-7468

A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attac...

8.7CVSS6.5AI score0.00758EPSS

NVD•added 2025/07/12 9:15 a.m.•4 views

CVE-2025-7468

9CVSS0.00758EPSS

NVD•added 2025/07/12 7:15 a.m.•3 views

CVE-2025-7465

A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can ...

9CVSS0.00758EPSS

NVD•added 2025/07/12 6:15 a.m.•6 views

CVE-2025-7463

A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mitssid leads to buffer overflow. The atta...

9CVSS0.00976EPSS

NVD•added 2025/07/11 10:15 p.m.•5 views

CVE-2025-7460

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...

9CVSS0.00761EPSS

CVE•added 2025/07/11 1:32 a.m.•26 views

CVE-2025-7434

The CVE-2025-7434 issue affects Tenda FH451 (versions up to 1.0.0.9). Affected code is the fromAddressNat function in the /goform/addressNat file of the POST Request Handler. Manipulating the page argument leads to a stack-based buffer overflow, which can be triggered remotely. Exploit informatio...

9CVSS8.8AI score0.00774EPSS

Exploits1References6Affected Software1

Vulnrichment•added 2025/07/11 1:32 a.m.•2 views

CVE-2025-7434 Tenda FH451 POST Request addressNat fromAddressNat stack-based overflow

A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified as critical. Affected by this issue is the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may...

9CVSS7.3AI score0.00774EPSS

Positive Technologies•added 2025/07/08 12:0 a.m.•3 views

PT-2025-29349 · Tenda · Tenda Fh451

Name of the Vulnerable Software and Affected Versions: Tenda FH451 version 1.0.0.9 Description: A critical vulnerability exists in Tenda FH451. The manipulation of the page argument in the frmL7ProtForm function within the HTTP POST Request Handler, located at the /goform/L7Prot endpoint, leads t...

9CVSS8.6AI score0.00775EPSS

Exploits1References13

Positive Technologies•added 2025/07/07 12:0 a.m.•3 views

PT-2025-29314 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the HTTP POST Request Handler component of the affected product. The fromSafeUrlFilter function within the /goform/fromSafeUrlFilter file is susceptible to a buffer...

9CVSS8.8AI score0.00758EPSS

Exploits1References13

Positive Technologies•added 2025/07/07 12:0 a.m.•2 views

PT-2025-29309 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The fromRouteStatic function within the HTTP POST Request Handler, located in the file /goform/fromRouteStatic, is susceptible to a buffer overflo...

9CVSS8.7AI score0.00758EPSS

Exploits1References14

Positive Technologies•added 2025/07/06 12:0 a.m.•4 views

PT-2025-29307 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The vulnerability affects the formWrlsafeset function within the /goform/AdvSetWrlsafeset file of the HTTP POST Request Handler component...

9CVSS8.8AI score0.00976EPSS

Exploits1References14

RedhatCVE•added 2025/07/03 2:23 p.m.•4 views

CVE-2025-6953

A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is...

9CVSS7.5AI score0.00761EPSS

RedhatCVE•added 2025/07/03 3:21 a.m.•9 views

CVE-2025-6940

A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflo...

9CVSS7.5AI score0.00762EPSS

RedhatCVE•added 2025/07/03 2:22 a.m.•14 views

CVE-2025-6939

A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

9CVSS7.5AI score0.00759EPSS

Tenable Nessus•added 2025/07/03 12:0 a.m.•7 views

DLink DIR-859 1.05 & 1.06B01 Path Traversal

The version of DLink installed on the remote host is prior to 1.07b03. It is, therefore, affected by a path traversal vulnerability as referenced in the vendor advisory. - A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown...

9.8CVSS6.6AI score0.82714EPSS

Exploits1References3

RedhatCVE•added 2025/06/30 8:47 p.m.•11 views

CVE-2025-6824

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible ...

9CVSS9AI score0.00785EPSS

RedhatCVE•added 2025/06/29 3:27 a.m.•8 views

CVE-2025-6751

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...

9CVSS7.2AI score0.0064EPSS

Exploits0References1

NVD•added 2025/06/28 8:15 p.m.•39 views

CVE-2025-6824

9CVSS0.00785EPSS