41165 matches found
CVE-2026-6134 Tenda F451 qossetting fromqossetting stack-based overflow
A security flaw has been discovered in Tenda F451 1.0.0.7cnsvn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument qos results in stack-based buffer overflow. The attack is possible to be carried out remotely. The...
CVE-2026-6133 Tenda F451 SafeUrlFilter fromSafeUrlFilter stack-based overflow
A vulnerability was identified in Tenda F451 1.0.0.7cnsvn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and mig...
CVE-2026-6133
The CVE affects Tenda F451 1.0.0.7_cn_svn7958, specifically the fromSafeUrlFilter function in /goform/SafeUrlFilter. The vulnerability arises from manipulation of the argument page, causing a stack-based buffer overflow. This enables remote exploitation, with public exploit availability noted in ...
CVE-2026-6132
Affected product: Totolink A7100RU. Vulnerable component: CGI Handler, function setLedCfg in /cgi-bin/cstecgi.cgi. Issue: manipulation of the argument enable leads to OS command injection. Impact: remote code execution possibility with high severity (CVE-2026-6132). Exploit status: publicly discl...
CVE-2026-6131 Totolink A7100RU CGI cstecgi.cgi setTracerouteCfg os command injection
A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched...
CVE-2026-6131
Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected by a vulnerability in the CGI handler function setTracerouteCfg (/cgi-bin/cstecgi.cgi). Manipulation of the command argument yields OS command injection, allowing remote exploitation with no authentication. The exploit has been made pub...
CVE-2026-6131 Totolink A7100RU CGI cstecgi.cgi setTracerouteCfg os command injection
A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched...
CVE-2026-6130 chatboxai chatbox Model Context Protocol Server Management System ipc-stdio-transport.ts StdioClientTransport os command injection
A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server Management System. Executing a manipulation of the argument args/env can lead to os command...
CVE-2026-6130
CVE-2026-6130 affects chatboxai up to version 1.20.0, impacting the StdioClientTransport function in src/main/mcp/ipc-stdio-transport.ts within the Model Context Protocol Server Management System. The root cause is a flaw where manipulating the argument list (args/env) enables os command injectio...
CVE-2026-6129 zhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authentication
A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The...
CVE-2026-6129 zhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authentication
A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The...
EUVD-2026-21730
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2026-6126 zhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authentication
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2026-6126 zhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authentication
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...
EUVD-2026-21726
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-6124
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-6124
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-6124 Tenda F451 httpd SafeMacFilter fromSafeMacFilter stack-based overflow
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-6124 Tenda F451 httpd SafeMacFilter fromSafeMacFilter stack-based overflow
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-6124
CVE-2026-6124 affects Tenda F451 1.0.0.7, specifically the httpd component’s function fromSafeMacFilter in /goform/SafeMacFilter. The issue involves a stack-based buffer overflow triggered by manipulating the argument page/menufacturer, with the attack described as remote and the exploit publicly...