PT-2026-24916

A weakness has been identified in Tenda W3 1.0.0.32204. Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch t...

PT-2026-24906

A vulnerability was found in Tenda W3 1.0.0.32204. Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed from the local network...

flatted 安全漏洞

Flatted is a lightweight and fast cycle-based JSON parser developed by Andrea Giammarchi. Versions of Flatted prior to 3.4.0 contained a security vulnerability. This vulnerability stemmed from the recursive depth of the parse function when handling specially crafted payloads, which could lead to ...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/formEasySetupWizard3, specifically the parameter “wanconnected”. This...

PT-2026-24915

A security flaw has been discovered in Tenda W3 1.0.0.32204. This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component POST Parameter Handler. Performing a manipulation of the argument wl radio results in stack-based buffer overflow. It is possible...

PT-2026-24902

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-25823

HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters ping1/ping2 in the file/goform/setAutoPing, which may lead to a stack buffer...

PT-2026-24961

A security vulnerability has been detected in Tenda i12 1.0.0.62204. The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclos...

CVE-2026-25823

Affected products: HMS Networks Ewon Flexy (firmware before 15.0s4) and Cosy+ (firmware before 22.1s6 and before 23.0s3). Issue: stack buffer overflow in the affected WEB/firmware stack leads to Denial of Service, with potential for Unauthenticated Remote Code Execution. Root cause: insufficient ...

Tenda i3 安全漏洞

The Tenda i3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “index/GO” in the file/goform/wifiSSIDset, which may lead to a stack buffe...

Tenda i12 安全漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i12 contains a security vulnerability. This vulnerability stems from an incorrect operation of the parameter cmdinput in the vosstrcpy function within the...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/WifiMacFilterGet, specifically the wlradio parameter, which may lead to a...

CVE-2025-70245

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizardSelectMode...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/setcfm, specifically parameter funcpara1, which may lead to a stack buffe...

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. The GPAC 26.03-DEV version contains a security vulnerability, which stems from a stack buffer overflow in the txtinprocesstexml function within the TeXML File Parser component...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameter index in the component POST Parameter Handler, specifically in the file/goform/wifiSSIDget...

PT-2026-24903

A vulnerability has been found in Tenda i3 1.0.0.62204. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has bee...

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the component POST Parameter Handler, specifically the...

PT-2026-25037

Name of the Vulnerable Software and Affected Versions flatted versions prior to 3.4.0 Description flatted is a circular JSON parser. The parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When provided with a crafted payload containing deeply nested ...