Lucene search
+L

307 matches found

GithubExploit
GithubExploit
added 2026/06/08 10:54 a.m.93 views

Exploit for CVE-2026-11499

🚨 CVE-2026-11499 Stack-Based Buffer Overflow in Tenda HG7...

10CVSS6AI score0.06561EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/03/27 2:24 p.m.14 views

CVE-2021-27706

Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.179502CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without...

9.8CVSS8.1AI score0.02828EPSS
Exploits1References1
Akamai Blog
Akamai Blog
added 2026/02/27 7:0 p.m.4 views

Zerobot Malware Targets n8n Automation Platform

The use of Mirai continues. Read how the Akamai SIRT identified active exploitation of vulnerabilities in the n8n automation platform and Tenda AC1206 routers...

5.9AI score
Exploits0
CNVD
CNVD
added 2026/02/05 12:0 a.m.2 views

Tenda D301 and Tenda D151 Access Control Error Vulnerabilities

Tenda D301 is a wireless router.Tenda D151 is a wireless router. An access control error vulnerability exists in the Tenda D301 and Tenda D151 that stems from the presence of an unauthenticated configuration download on the /goform/getimage endpoint, which can be exploited by an attacker to cause...

8.7CVSS6AI score0.00612EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.9 views

PT-2026-3797

Name of the Vulnerable Software and Affected Versions Tenda D151 routers affected versions not specified Tenda D301 routers affected versions not specified Description Remote attackers can retrieve router configuration files from Tenda D151 and D301 routers without authentication. This is possibl...

8.7CVSS5.9AI score0.00612EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.6 views

CVE-2026-22081

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the missing HTTPOnly flag for session cookies associated with the web-based administrative interface. A remote at-tacker could exploit this vulnerability by capturing session cookies...

8.8CVSS6.8AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.6 views

CVE-2026-22080

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

8.7CVSS6.8AI score0.00106EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.5 views

CVE-2026-22082

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting network traffic and...

8.8CVSS6.7AI score0.00451EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:23 p.m.10 views

CVE-2018-14557

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44CNAC7, AC9 devices with firmware through V15.03.05.196318CNAC9, and AC10 devices with firmware through V15.03.06.23CNAC10. A buffer overflow vulnerability exists in the router's web server httpd. When processing the pa...

7.8CVSS7.4AI score0.0143EPSS
Exploits1References1
NVD
NVD
added 2026/01/09 12:15 p.m.6 views

CVE-2026-22081

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the missing HTTPOnly flag for session cookies associated with the web-based administrative interface. A remote at-tacker could exploit this vulnerability by capturing session cookies...

8.8CVSS0.0037EPSS
Exploits0References1
NVD
NVD
added 2026/01/09 12:15 p.m.4 views

CVE-2026-22082

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting network traffic and...

8.8CVSS0.00451EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.11 views

CVE-2021-27691

Command Injection in Tenda G0 routers with firmware versions v15.11.0.69039CN and v15.11.0.55876CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.179502CN or v15.11.0.169024CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This...

10CVSS8.3AI score0.25183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.10 views

CVE-2021-27707

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.179502CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without...

9.8CVSS8.1AI score0.02828EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/09 11:24 a.m.3 views

CVE-2026-22082 Insecure Session ID Management Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting network traffic and...

8.8CVSS6.4AI score0.00451EPSS
Exploits0References1
CVE
CVE
added 2026/01/09 11:24 a.m.15 views

CVE-2026-22082

CVE-2026-22082 affects Tenda 300Mbps Wireless Router F3 and N300 Easy Setup Router. The root cause is using login credentials as the session ID in the web-based admin interface, allowing a remote attacker to hijack an authenticated session by intercepting unsecured traffic. Impact cited: exposure...

8.8CVSS6.4AI score0.00451EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/09 11:24 a.m.25 views

CVE-2026-22082 Insecure Session ID Management Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting network traffic and...

8.8CVSS0.00451EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/09 11:16 a.m.3 views

CVE-2026-22081 Cookie without HTTPOnly Flag Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the missing HTTPOnly flag for session cookies associated with the web-based administrative interface. A remote at-tacker could exploit this vulnerability by capturing session cookies...

8.8CVSS6.4AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/09 11:16 a.m.23 views

CVE-2026-22081 Cookie without HTTPOnly Flag Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the missing HTTPOnly flag for session cookies associated with the web-based administrative interface. A remote at-tacker could exploit this vulnerability by capturing session cookies...

8.8CVSS0.0037EPSS
Exploits0References1
CVE
CVE
added 2026/01/09 11:16 a.m.18 views

CVE-2026-22081

The CVE-2026-22081 issue affects Tenda 300Mbps Wireless Router F3 and N300 Easy Setup Router, arising from the absence of the HTTPOnly flag on cookies used by the web-based administrative interface. This enables a remote attacker to potentially capture session cookies transmitted over unencrypted...

8.8CVSS6.4AI score0.0037EPSS
Exploits0References1
NVD
NVD
added 2026/01/09 11:15 a.m.9 views

CVE-2026-22080

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

8.7CVSS0.00106EPSS
Exploits0References1
Rows per page
Query Builder