426 matches found
CVE-2026-5567
A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-5567
A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-5567 Tenda M3 Destination setAdvPolicyData buffer overflow
A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-5567 Tenda M3 Destination setAdvPolicyData buffer overflow
A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-5567
CVE-2026-5567 applies to Tenda M3 firmware 1.0.0.10, specifically the Destination Handler function setAdvPolicyData. The vulnerability stems from a manipulation of the policyType argument that can cause a buffer overflow, enabling remote execution. Multiple sources in the connected documents conf...
Tenda M3 安全漏洞
Tenda M3 is an access control device produced by the Chinese company Tenda. Version 1.0.0.10 of Tenda M3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “policyType” in files located at “goform/setAdvPolicyData”, which may lead to a buffer...
PT-2026-30384
Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.10 Description A flaw exists in the Destination Handler component of Tenda M3 version 1.0.0.10. Manipulation of the policyType argument in the setAdvPolicyData function, accessible via the '/goform/setAdvPolicyData'...
Tenda M3 /goform/setInternetLanInfo File Heap Buffer Overflow Vulnerability
Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 heap buffer overflow vulnerability exists, the vulnerability stems from the file / goform / setInternetLanInfo function...
CVE-2022-38570
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service DoS via the adPushUID parameter...
CVE-2022-38569
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow in the function formDelAd...
CVE-2022-38565
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailpwd parameter...
CVE-2022-38571
Tenda M3 V1.0.0.124856 was discovered to contain a buffer overflow in the function formSetGuideListItem...
CVE-2022-38562
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service DoS via the lan parameter...
CVE-2022-38566
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailname parameter...
CVE-2022-26290
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac...
CVE-2022-26289
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/exeCommand...
CVE-2022-26536
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/setFixTools...
CVE-2022-27077
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadWeiXinPic...
CVE-2022-27082
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo...
CVE-2022-27078
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail...