482 matches found
CVE-2022-43260
Tenda AC18 V15.03.05.196318 was discovered to contain a stack overflow via the time parameter in the fromSetSysTime function...
CVE-2022-25547
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the time parameter...
CVE-2022-25445
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function...
CVE-2022-24162
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via the time parameter...
CVE-2022-43029
Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg...
CVE-2022-37804
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo...
CVE-2022-45656
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function...
CVE-2022-25429
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function...
CVE-2022-36570
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg...
CVE-2021-39413
Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...
CVE-2015-6512
SQL injection vulnerability in the getmessages function in server/plugins/chatroom/chatroom.php in FreiChat 9.6 allows remote attackers to execute arbitrary SQL commands via the time parameter to server/freichat.php...
CVE-2025-4810
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboottime leads to stack-based buffer overflow. The attack can be launched...
The vulnerability of the ShutdownSetAdd() function in Tenda AC10 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the ShutdownSetAdd function in Tenda AC10 router microprogramming software is related to the operation of writing data outside the buffer in memory when processing the length parameter “time”. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or...
PT-2025-23530 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.05.16 Description: The issue is a stack overflow that occurs via the time parameter in the setSmartPowerManagement function. This allows for potential exploitation. No information is provided about the estimated number...
CVE-2025-29360
Tenda RX3 USRX3V1.0brV16.03.13.11multiTDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...
Tenda RX3 安全漏洞
Tenda RX3 is a dual-band WiFi home wireless router from China's Tenda. A buffer overflow vulnerability exists in Tenda RX3. The vulnerability originates from a buffer overflow in the schedStartTime and schedEndTime parameters in /goform/saveParentControlInfo, which can lead to a denial of service...
CVE-2024-57372
CVE-2024-57372 is an XSS vulnerability in InformationPush master version. The flaw allows a remote attacker to obtain sensitive information through the vulnerable parameters title , time , and msg . The available connected documents confirm the affected software (InformationPush master) and the e...
PT-2025-3433 · Unknown · Informationpush
Name of the Vulnerable Software and Affected Versions: InformationPush master version Description: The issue allows a remote attacker to obtain sensitive information via the title, time, and msg parameters. This is a Cross Site Scripting vulnerability. Recommendations: For InformationPush master...
CVE-2024-9915
A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has...
TOTOLINK LR1200GB 命令注入漏洞
The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Gion Electronics TOTOLINK. The TOTOLINK LR1200GB version 9.3.1cu.2832 suffers from a command injection vulnerability that originates from the hosttime parameter in the NTPSyncWithHost function on the /cgi-bin/cstecgi.cgi pag...