619 matches found
Tenda AC8V4 Buffer Overflow Vulnerability (CNVD-2025-17345)
The Tenda AC8V4 is a wireless router from Tenda China. The Tenda AC8V4 suffers from a buffer overflow vulnerability that originates from a stack buffer overflow in the timeZone and timeType parameters in /goform/SetSysTimeCfg, which can be exploited by an attacker to crash the application...
CVE-2025-51085
Tenda AC8V4 V16.03.34.06 was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument timeZone and timeType leads to stack-based buffer overflow...
CVE-2025-8160
A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The...
Tenda AC20 安全漏洞
Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from improper handli...
CVE-2025-51085
Tenda AC8V4 V16.03.34.06 was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument timeZone and timeType leads to stack-based buffer overflow...
Tenda AC8V4 安全漏洞
The Tenda AC8V4 is a wireless router from Tenda China. The Tenda AC8V4 suffers from a buffer overflow vulnerability that originates from a stack buffer overflow in the timeZone and timeType parameters in /goform/SetSysTimeCfg, which can be exploited by an attacker to crash the application...
CVE-2025-51085
Tenda AC8V4 V16.03.34.06 was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument timeZone and timeType leads to stack-based buffer overflow...
CLSA-2025-1752090493 Update of tzdata
Fix incorrect tzdb.dat by harding links...
CLSA-2025-1752090137 Update of tzdata
Fix incorrect tzdb.dat by harding links...
CVE-2025-6887
A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The...
Tenda AC5 安全漏洞
Tenda AC5 is a wireless router from Tenda, a Chinese company. The Tenda AC5 suffers from a stack buffer overflow vulnerability, which originates from the failure of the parameters time and timeZone in the file /goform/SetSysTimeCfg to correctly validate the length of the input data, which can be...
CLSA-2025-1751028944 Update of tzdata
Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved...
WOLFBOX Level 2 EV Charger 安全漏洞
The WOLFBOX Level 2 EV Charger is an electric vehicle charger from WOLFBOX. A security vulnerability exists in the WOLFBOX Level 2 EV Charger that stems from improper handling of the secKey, localKey, stdTimeZone, and devId parameters, which could lead to a heap buffer overflow and remote code...
CVE-2023-2392
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been classified as problematic. Affected is an unknown function of the file scgi-bin/platform.cgi?page=timezone.htm of the component Web Management Interface. The manipulation of the argument ManualDate.minutes leads to cross site...
CVE-2022-27000
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the hprimaryntpserver, hbackupntpserver, and htimezone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2021-24671
The MX Time Zone Clocks WordPress plugin before 3.4.1 does not escape the timezone attribute of the mxmtzctimezoneclocks shortcode, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
CVE-2021-30230
The api/ZRFirmware/settimezone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter...
CVE-2025-31801
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through = 5.1.1...
CVE-2025-31801
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through = 5.1.1...
CVE-2025-31801 WordPress MX Time Zone Clocks plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through = 5.1.1...