Lucene search
K

426 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 5:0 p.m.7 views

CVE-2026-5567

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS7.8AI score0.00632EPSS
Exploits1References1
NVD
NVD
added 2026/04/05 1:17 p.m.8 views

CVE-2026-5567

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS0.00632EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/05 12:45 p.m.3 views

CVE-2026-5567 Tenda M3 Destination setAdvPolicyData buffer overflow

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS7.8AI score0.00632EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/05 12:45 p.m.24 views

CVE-2026-5567 Tenda M3 Destination setAdvPolicyData buffer overflow

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS0.00632EPSS
Exploits1References5
CVE
CVE
added 2026/04/05 12:45 p.m.19 views

CVE-2026-5567

CVE-2026-5567 applies to Tenda M3 firmware 1.0.0.10, specifically the Destination Handler function setAdvPolicyData. The vulnerability stems from a manipulation of the policyType argument that can cause a buffer overflow, enabling remote execution. Multiple sources in the connected documents conf...

9CVSS7.8AI score0.00632EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.11 views

Tenda M3 安全漏洞

Tenda M3 is an access control device produced by the Chinese company Tenda. Version 1.0.0.10 of Tenda M3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “policyType” in files located at “goform/setAdvPolicyData”, which may lead to a buffer...

9CVSS7.7AI score0.00632EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.13 views

PT-2026-30384

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.10 Description A flaw exists in the Destination Handler component of Tenda M3 version 1.0.0.10. Manipulation of the policyType argument in the setAdvPolicyData function, accessible via the '/goform/setAdvPolicyData'...

9CVSS7.7AI score0.00632EPSS
Exploits1References12
CNVD
CNVD
added 2026/01/14 12:0 a.m.7 views

Tenda M3 /goform/setInternetLanInfo File Heap Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 heap buffer overflow vulnerability exists, the vulnerability stems from the file / goform / setInternetLanInfo function...

9CVSS6.1AI score0.02475EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38570

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service DoS via the adPushUID parameter...

7.5CVSS7.7AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.5 views

CVE-2022-38569

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow in the function formDelAd...

7.5CVSS7.8AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.4 views

CVE-2022-38565

Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailpwd parameter...

7.5CVSS7.8AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.5 views

CVE-2022-38571

Tenda M3 V1.0.0.124856 was discovered to contain a buffer overflow in the function formSetGuideListItem...

7.5CVSS8AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.4 views

CVE-2022-38562

Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service DoS via the lan parameter...

7.5CVSS7.8AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.6 views

CVE-2022-38566

Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailname parameter...

7.5CVSS7.7AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:43 a.m.6 views

CVE-2022-26290

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac...

10CVSS8AI score0.02654EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.11 views

CVE-2022-26289

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/exeCommand...

10CVSS7.9AI score0.02654EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.8 views

CVE-2022-26536

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/setFixTools...

10CVSS7.9AI score0.02654EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:50 a.m.8 views

CVE-2022-27077

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadWeiXinPic...

10CVSS8AI score0.02654EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.8 views

CVE-2022-27082

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo...

10CVSS8AI score0.02728EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.9 views

CVE-2022-27078

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail...

10CVSS8AI score0.02654EPSS
Exploits1References1
Rows per page
Query Builder