CVE-2025-7421 Tenda O3V2 httpd operateMacFilter fromMacFilterModify stack-based overflow

A vulnerability was found in Tenda O3V2 1.0.0.123880. It has been rated as critical. This issue affects the function fromMacFilterModify of the file /goform/operateMacFilter of the component httpd. The manipulation of the argument mac leads to stack-based buffer overflow. The attack may be...

CVE-2025-7421 Tenda O3V2 httpd operateMacFilter fromMacFilterModify stack-based overflow

A vulnerability was found in Tenda O3V2 1.0.0.123880. It has been rated as critical. This issue affects the function fromMacFilterModify of the file /goform/operateMacFilter of the component httpd. The manipulation of the argument mac leads to stack-based buffer overflow. The attack may be...

CVE-2025-7420 Tenda O3V2 httpd setWrlBasicInfo formWifiBasicSet stack-based overflow

A vulnerability was found in Tenda O3V2 1.0.0.123880. It has been declared as critical. This vulnerability affects the function formWifiBasicSet of the file /goform/setWrlBasicInfo of the component httpd. The manipulation of the argument extChannel leads to stack-based buffer overflow. The attack...

CVE-2025-7420

CVE-2025-7420 affects Tenda O3V2 (version 1.0.0.12(3880)). The vulnerability is in the httpd component’s function setWrlBasicInfo (formWifiBasicSet). The root cause is a stack-based buffer overflow triggered by manipulating the extChannel argument in /goform/setWrlBasicInfo. It is remotely exploi...

CVE-2025-7419

The CVE-2025-7419 entry applies to Tenda O3V2, version 1.0.0.12(3880). The vulnerability is in the httpd component, specifically the fromSpeedTestSet function in /goform/setRateTest. The destIP parameter length validation is inadequate, causing a stack-based buffer overflow that can be exploited ...

CVE-2025-7419 Tenda O3V2 httpd setRateTest fromSpeedTestSet stack-based overflow

A vulnerability was found in Tenda O3V2 1.0.0.123880. It has been classified as critical. This affects the function fromSpeedTestSet of the file /goform/setRateTest of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. It is possible to initiate the...

CVE-2025-7418

CVE-2025-7418 affects Tenda O3V2 1.0.0.12(3880). The vulnerable component is httpd, function fromPingResultGet in /goform/setPing. Manipulating the destIP argument triggers a stack-based buffer overflow, enabling remote attack. Public exploit/public disclosure is noted. Evidence across multiple s...

CVE-2025-7418 Tenda O3V2 httpd setPing fromPingResultGet stack-based overflow

A vulnerability was found in Tenda O3V2 1.0.0.123880 and classified as critical. Affected by this issue is the function fromPingResultGet of the file /goform/setPing of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-7418 Tenda O3V2 httpd setPing fromPingResultGet stack-based overflow

A vulnerability was found in Tenda O3V2 1.0.0.123880 and classified as critical. Affected by this issue is the function fromPingResultGet of the file /goform/setPing of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-7417 Tenda O3V2 httpd setPingInfo fromNetToolGet stack-based overflow

A vulnerability has been found in Tenda O3V2 1.0.0.123880 and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be...

CVE-2025-7417 Tenda O3V2 httpd setPingInfo fromNetToolGet stack-based overflow

A vulnerability has been found in Tenda O3V2 1.0.0.123880 and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be...

CVE-2025-7416

CVE-2025-7416 affects Tenda O3V2 router (httpd: /goform/setSysTimeInfo, fromSysToolTime). The Time parameter is vulnerable to a stack-based overflow, enabling remote exploitation. Publicly disclosed exploit noted in sources; impact can include arbitrary code execution or denial of service. Affect...

CVE-2025-7416 Tenda O3V2 httpd setSysTimeInfo fromSysToolTime stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda O3V2 1.0.0.123880. Affected is the function fromSysToolTime of the file /goform/setSysTimeInfo of the component httpd. The manipulation of the argument Time leads to stack-based buffer overflow. It is possible to launch the...

CVE-2025-7194

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

CVE-2025-7206 D-Link DIR-825 httpd switch_language.cgi sub_410DDC stack-based overflow

A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub410DDC of the file switchlanguage.cgi of the component httpd. The manipulation of the argument Language leads to stack-based buffer overflow. The attack may be initiated...

CVE-2025-7194

CVE-2025-7194 affects D-Link DI-500WF (version 17.04.10A1T). The vulnerability resides in the jhttpd component’s file ip_position.asp where unvalidated input to the sprintf call leads to a stack-based buffer overflow. It is exploitable remotely over the network and an exploit has been publicly di...

CVE-2025-7194 D-Link DI-500WF jhttpd ip_position.asp sprintf stack-based overflow

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

CVE-2025-7089

A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. This issue affects the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be...

CVE-2025-6663 GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2025-7094

CVE-2025-7094 affects Belkin F9K1122 (1.00.33). The stack-based buffer overflow stems from manipulating the submit-url-ok parameter in /goform/formBSSetSitesurvey of the webs component. Exploitation can be remote, and public PoCs exist; vendor not responding per sources. Related advisories (CNVD/...