Lucene search
K

79 matches found

RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.13 views

CVE-2026-11499

A vulnerability was determined in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote...

10CVSS8.5AI score0.06561EPSS
Exploits3References1
NVD
NVD
added 2026/06/08 6:16 p.m.15 views

CVE-2026-11553

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formPPPEdit of the file /boaform/formPPPEdit. The manipulation of the argument encodename results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and...

9CVSS0.00477EPSS
Exploits0References7
CVE
CVE
added 2026/06/08 5:15 p.m.31 views

CVE-2026-11553

Vulnerability (CVE-2026-11553) affects Tenda HG7HG9 and HG10 models (firmware variant 300001138_en_xpon). The flaw is in the function formPPPEdit in /boaform/formPPPEdit: manipulating the argument encodename causes a stack-based buffer overflow. The issue can be exploited remotely, and public exp...

9CVSS6.2AI score0.00477EPSS
Exploits0References7
NVD
NVD
added 2026/06/08 9:16 a.m.16 views

CVE-2026-11499

A vulnerability was determined in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote...

10CVSS0.06561EPSS
Exploits3References6
Vulnrichment
Vulnrichment
added 2026/06/08 7:0 a.m.11 views

CVE-2026-11499 Tenda HG7HG9/HG10 formDOMAINBLK stack-based overflow

A vulnerability was determined in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote...

10CVSS8.5AI score0.06561EPSS
Exploits3References6
NVD
NVD
added 2026/04/25 6:16 p.m.7 views

CVE-2026-6988

A flaw has been found in Tenda HG10 HG7HG9HG10re300001138enxpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop causes buffer overflow. It is possible to initiate the attack remotely. The exploit h...

9CVSS0.00619EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.6 views

PT-2026-35159

A flaw has been found in Tenda HG10 HG7 HG9 HG10re 300001138 en xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop causes buffer overflow. It is possible to initiate the attack remotely. The...

9CVSS8.5AI score0.00619EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/31 9:14 p.m.7 views

CVE-2026-1690

A flaw has been found in Tenda HG10 USHG7HG9HG10re300001138enxpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and may be used...

5.8CVSS5.7AI score0.03857EPSS
Exploits1References1
NVD
NVD
added 2026/01/30 5:16 p.m.5 views

CVE-2026-1690

A flaw has been found in Tenda HG10 USHG7HG9HG10re300001138enxpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and may be used...

5.8CVSS0.03857EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/01/30 4:32 p.m.5 views

CVE-2026-1689

A vulnerability was detected in Tenda HG10 USHG7HG9HG10re300001138enxpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launche...

7.5CVSS5.7AI score0.02537EPSS
Exploits1References6
NVD
NVD
added 2026/01/30 4:16 p.m.13 views

CVE-2026-1687

A weakness has been identified in Tenda HG10 USHG7HG9HG10re300001138enxpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack...

7.5CVSS0.026EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/01/30 4:2 p.m.5 views

CVE-2026-1687

A weakness has been identified in Tenda HG10 USHG7HG9HG10re300001138enxpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack...

7.5CVSS5.7AI score0.026EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/17 12:0 a.m.10 views

PT-2026-5425

Name of the Vulnerable Software and Affected Versions Tenda HG10 US HG7 HG9 HG10re 300001138 en xpon affected versions not specified Description A flaw exists in the Login Interface component of the software, specifically within the checkUserFromLanOrWan function located in the...

7.5CVSS7.2AI score0.02537EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/01/17 12:0 a.m.5 views

PT-2026-5426

Name of the Vulnerable Software and Affected Versions Tenda HG10 US HG7 HG9 HG10re 300001138 en xpon affected versions not specified Description A flaw exists in the system function associated with the file '/boaform/formSysCmd'. Manipulation of the sysCmd argument can lead to command injection...

6.5CVSS5.2AI score0.03857EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2026/01/01 1:10 a.m.15 views

CVE-2025-15371

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS6.5AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 3:30 a.m.4 views

EUVD-2025-205867

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS6.2AI score0.00118EPSS
Exploits0References12
NVD
NVD
added 2025/12/31 1:15 a.m.8 views

CVE-2025-15371

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS0.00118EPSS
Exploits0References11
CVE
CVE
added 2025/12/31 1:2 a.m.66 views

CVE-2025-15371

Affected products: Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to version 65.10.15.6. Root cause: manipulation of the Shadow File component via input Fireitup, enabling hard-coded credentials. Local access required. Public exploit details exist. Remediation: upgrade to a...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.17 views

PT-2025-54267

Name of the Vulnerable Software and Affected Versions Tenda i24 versions prior to 65.10.15.7 Tenda 4G03 Pro versions prior to 65.10.15.7 Tenda 4G05 versions prior to 65.10.15.7 Tenda 4G08 versions prior to 65.10.15.7 Tenda G0-8G-PoE versions prior to 65.10.15.7 Tenda Nova MW5G versions prior to...

8.5CVSS7.5AI score0.00118EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-8105

Malware in sbrugna...

6.5CVSS6.6AI score0.01034EPSS
Exploits0References2
Rows per page
Query Builder