30 matches found
EUVD-2026-40016
A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could ...
EUVD-2026-28529
A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2026-6200
A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been public...
PT-2026-32154
A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...
EUVD-2026-20828
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...
EUVD-2026-10271
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit ha...
CVE-2026-3727
The vulnerability CVE-2026-3727 affects Tenda F453 firmware 1.0.0.3. The issue resides in the sub_3C6C0 function of the /goform/QuickIndex component, where manipulation of the mit_linktype/PPPOEPassword argument causes a stack-based buffer overflow. This could enable remote exploitation, and publ...
PT-2026-23931
Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A stack-based buffer overflow exists in the fromwebExcptypemanFilter function of the /goform/webExcptypemanFilter file. The issue is triggered by manipulating the page argument and can be initiated...
PT-2026-23932
Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A stack-based buffer overflow exists in the function sub 3C6C0 of the file /goform/QuickIndex. The issue is triggered by manipulating the mit linktype/PPPOEPassword argument, allowing for remote attacks. ...
EUVD-2026-9131
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPPOEPassword can lead to buffer overflow. The attack can be launched remotely. The exploit has been...
PT-2026-22522
Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A buffer overflow issue exists in the httpd component of the Tenda F453. The issue is located in the fromAdvSetWan function within the /goform/AdvSetWan file. Manipulation of the wanmode/PPPOEPassword...
EUVD-2026-8970
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component httpd. Such manipulation of the argument mitssidindex leads to buffer overflow. The attack can be executed remotely. The exploi...
CVE-2026-24430 Tenda W30E V2 HTTP Responses Expose Plaintext Credentials
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be expose...
CVE-2025-14994
The CVE-2025-14994 affects Tenda FH1201 and FH1206 routers (versions 1.2.0.14(408) and 1.2.0.8(8155)) in the HTTP Request Handler’s /goform/webtypelibrary. The vulnerability is a stack-based buffer overflow in the strcat usage manipulating the webSiteId argument, potentially allowing remote code ...
CVE-2025-14526
A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may ...
EUVD-2025-30827
Malicious code in bioql PyPI...
EUVD-2022-48510
Malicious code in bioql PyPI...
EUVD-2025-4508
Malicious code in bioql PyPI...
CVE-2025-9605
A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...
PT-2025-34047 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: A denial of service issue exists in the HTTP Header Parsing functionality. A series of specially crafted HTTP requests can cause a reboot. An attacker can trigger this issue by sending multiple...