160 matches found
CVE-2025-60694
A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...
CVE-2025-60694
A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...
CVE-2025-60694
CVE-2025-60694 affects Linksys E1200 v2 routers running firmware 2.0.11.001_us. A stack-based buffer overflow occurs in httpd's validate_static_route function, where CGI params route_ipaddr_0~3, route_netmask_0~3, and route_gateway_0~3 are concatenated into fixed-size buffers (v6, v10, v14) witho...
CVE-2025-60694
A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...
Tenda AC23 sscanf function buffer overflow vulnerability
Tenda AC23 is a dual-band wireless router from Tenda that supports 802.11acWave2 technology with dual-band concurrent transmission rates up to 2033Mbps, including up to 1733Mbps in the 5GHz band, which is suitable for high-bandwidth applications such as 4K video and online live streaming. Tenda...
CVE-2025-11356
A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and coul...
EUVD-2025-32699
A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and coul...
CVE-2025-11356
CVE-2025-11356 affects Tenda AC23 (pre-16.03.07.52). The vulnerability is in sscanf within /goform/SetStaticRouteCfg, where input length validation allows a buffer overflow, enabling remote exploitation. Public exploits exist. Remedies include upgrading to a version newer than 16.03.07.52 (per PT...
PT-2025-40968
Name of the Vulnerable Software and Affected Versions Tenda AC23 versions prior to 16.03.07.52 Description A flaw exists in the sscanf function within the /goform/SetStaticRouteCfg file. Manipulation of the argument list can lead to a buffer overflow, potentially allowing for remote attacks. The...
Tenda AC23 安全漏洞
Tenda AC23 is a dual-band wireless router from Tenda that supports 802.11acWave2 technology with dual-band concurrent transmission rates up to 2033Mbps, including up to 1733Mbps in the 5GHz band, which is suitable for high-bandwidth applications such as 4K video and online live streaming. Tenda...
EUVD-2025-31447
Malicious code in bioql PyPI...
EUVD-2025-27378
Malicious code in bioql PyPI...
CVE-2025-11091
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
CVE-2025-11091
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
CVE-2025-11091 Tenda AC21 SetStaticRouteCfg sscanf buffer overflow
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
Tenda AC21 安全漏洞
Tenda AC21 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC21 16.03.08.16 and earlier versions, which stems from an incorrect manipulation of the parameter list in the file /goform/SetStaticRouteCfg, which could result in a buffer overflow...
DHCP: DHCP routing options can manipulate interface-based VPN traffic
DHCP can add routes to a client’s routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify...
CVE-2025-57072
Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
Tenda G3 formSetStaticRoute function stack buffer overflow vulnerability
Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formSetStaticRoute function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...
CVE-2025-57072
Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...