CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/04/27 3:15 a.m.•3 views

CVE-2026-7082

A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been...

9CVSS6AI score0.00619EPSS

ATTACKERKB•added 2026/04/27 3:0 a.m.•5 views

CVE-2026-7081

A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...

9CVSS5.7AI score0.00619EPSS

CVE•added 2026/04/27 3:0 a.m.•23 views

CVE-2026-7081

Tenda F456 1.0.0.5 is affected by CVE-2026-7081 in the httpd component. The vulnerability affects the function fromGstDhcpSetSer in /goform/GstDhcpSetSer and is caused by a manipulation of the dips argument, leading to a buffer overflow. Remote exploitation is possible and the exploit is public. ...

9CVSS8.6AI score0.00619EPSS

EUVD•added 2026/04/27 3:0 a.m.•4 views

EUVD-2026-25764

9CVSS5.7AI score0.00619EPSS

Cvelist•added 2026/04/27 2:45 a.m.•28 views

CVE-2026-7080 Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS0.00641EPSS

CVE•added 2026/04/27 2:45 a.m.•11 views

CVE-2026-7080

This CVE affects Tenda F456 devices running version 1.0.0.5, where the httpd component’s file /goform/PPTPUserSetting contains the function fromPPTPUserSetting. The vulnerability arises from manipulation of the delno argument, leading to a buffer overflow. The issue is exploitable remotely and ha...

9CVSS8.7AI score0.00641EPSS

EUVD•added 2026/04/27 2:45 a.m.•3 views

EUVD-2026-25763

9CVSS6AI score0.00641EPSS

Vulnrichment•added 2026/04/27 2:45 a.m.•3 views

CVE-2026-7080 Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow

9CVSS8.7AI score0.00641EPSS

Vulnrichment•added 2026/04/27 2:30 a.m.•2 views

CVE-2026-7079 Tenda F456 httpd AdvSetWan fromAdvSetWan buffer overflow

A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes buffer overflow. The attack may be initiated remotely. The exploit has been made available to the...

9CVSS8.7AI score0.00632EPSS

Cvelist•added 2026/04/27 2:30 a.m.•29 views

CVE-2026-7079 Tenda F456 httpd AdvSetWan fromAdvSetWan buffer overflow

9CVSS0.00632EPSS

ATTACKERKB•added 2026/04/27 2:30 a.m.•4 views

CVE-2026-7079

9CVSS8.7AI score0.00632EPSS

EUVD•added 2026/04/27 2:15 a.m.•5 views

EUVD-2026-25761

A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument page results in buffer overflow. The attack can be launched remotely. The exploit has been released ...

9CVSS5.9AI score0.00619EPSS

CVE•added 2026/04/27 2:15 a.m.•10 views

CVE-2026-7078

CVE-2026-7078 concerns a buffer overflow in the Tenda F456 1.0.0.5 HTTP daemon component. The vulnerable element is the function fromSetIpBind in the file /goform/SetIpBind; manipulating the argument page triggers overflow. The issue is exploitable remotely, and publicly released exploits indicat...

9CVSS8.6AI score0.00619EPSS

Cvelist•added 2026/04/27 2:15 a.m.•34 views

CVE-2026-7078 Tenda F456 httpd SetIpBind fromSetIpBind buffer overflow

9CVSS0.00619EPSS

EUVD•added 2026/04/27 2:0 a.m.•8 views

EUVD-2026-25759

A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /editparcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

7.5CVSS5.4AI score0.00254EPSS

CVE•added 2026/04/27 2:0 a.m.•10 views

CVE-2026-7077

CVE-2026-7077 affects itsourcecode Courier Management System 1.0. The vulnerability is in an unknown function of the file /edit_parcel.php where manipulating the argument ID leads to an SQL injection. It is exploitable remotely and the exploit is publicly available. CVSS metrics indicate network-...

7.5CVSS7.3AI score0.00254EPSS

Cvelist•added 2026/04/27 2:0 a.m.•29 views

CVE-2026-7077 itsourcecode Courier Management System edit_parcel.php sql injection

7.5CVSS0.00254EPSS

Vulnrichment•added 2026/04/27 1:45 a.m.•4 views

CVE-2026-7076 itsourcecode Courier Management System edit_branch.php sql injection

A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /editbranch.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed a...

7.5CVSS7.3AI score0.00254EPSS