13311 matches found
CVE-2024-4064
CVE-2024-4064 affects Tenda AC8 16.03.34.09. The R7WebsSecurityHandler function in /goform/execCommand mishandles the password parameter, causing a stack-based buffer overflow. This enables remote exploitation; the exploit has been disclosed publicly. Multiple sources (NVD, Red Hat, CNVD, CNNVD, ...
CVE-2024-4064 Tenda AC8 execCommand R7WebsSecurityHandler stack-based overflow
A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. This vulnerability affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be initiated remotely...
CVE-2024-33212
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter in ip/goform/setcfm...
CVE-2024-33213
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic...
CVE-2024-33215
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/addressNat...
CVE-2024-33217
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter in ip/goform/addressNat...
CVE-2024-33214
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic...
CVE-2024-33211
CVE-2024-33211 : The Tenda FH1206 device (V1.2.0.8(8155)_EN) has a stack-based buffer overflow via the PPPOEPassword parameter in ip/goform/QuickIndex. Root cause: unchecked input length leading to stack overflow. Affected component is the QuickIndex handling; CVSS 3.1 vector indicates network at...
CVE-2024-33215
CVE-2024-33215 affects the Tenda FH1206 router (V1.2.0.8(8155)_EN). The vulnerability is a stack-based buffer overflow via the mitInterface parameter in the function path ip/goform/addressNat . Root cause: likely insufficient input length validation on mitInterface. Impact, per CVSS: High confide...
CVE-2024-33212
Summary (CVE-2024-33212) The issue affects the Tenda FH1206 router (version 1.2.0.8(8155)_EN). A stack-based buffer overflow exists in the IP management endpoint ip/goform/setcfm when processing the funcpara1 parameter. The vulnerability is characterized as a stack overflow that could lead to arb...
CVE-2024-33217
CVE-2024-33217 affects Tenda FH1206 (1.2.0.8(8155) EN). A stack-based buffer overflow exists in the ip/goform/addressNat endpoint, triggered via the page parameter in fromAddressNat. The root cause is improper input validation leading to potential overflow. Documented impacts include possible den...
CVE-2024-33213
CVE-2024-33213 affects Tenda FH1206 router (V1.2.0.8(8155)_EN). The issue is a stack-based buffer overflow in ip/goform/RouteStatic triggered by the mitInterface parameter. CVSS3.1 base metrics indicate AV:A, AC:L, PR:N, UI:N, S:U, C:N, I:N, A:H (base 6.5, MEDIUM) with potential availability impa...
CVE-2024-33217
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter in ip/goform/addressNat...
CVE-2024-33215
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/addressNat...
CVE-2024-33215
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/addressNat...
CVE-2024-33212
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter in ip/goform/setcfm...
The vulnerability of the WLInfoRailService component in the Avalanche mobile device management system allows a hacker to execute arbitrary commands.
The vulnerability of the WLInfoRailService component in the Avalanche mobile device management system is related to the possibility of buffer overflows based on a stack-based mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2023-4234 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_submit_report() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodesubmitreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2023-4232 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
CVE-2024-3910
A vulnerability, which was classified as critical, has been found in Tenda AC500 2.0.1.91307. Affected by this issue is the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched...