25 matches found
Tenda AC7 SetSysTimeCfg File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44. The vulnerability stems from the parameter Time in the file /goform/SetSysTimeCfg that fails to properly validate the length and size of the input data, which can...
Tenda AC7 Command Injection Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A command injection vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the failure to properly filter the parameter lanIp in the file /goform/AdvSetLanip to construct command special characters, commands, etc...
Tenda AC7 /goform/SetUpnpCfg File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter upnpEn in the file /goform/SetUpnpCfg that fails to correctly validate the length of the input data, and can be exploited by a...
Tenda AC7 /goform/WifiMacFilterSet File Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter wifichkHz in the file /goform/WifiMacFilterSet that fails to correctly validate the length of the input data, and can be...
CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11525
CVE-2025-11525 affects Tenda AC7 (firmware 15.03.06.44). The issue is a stack-based buffer overflow in the /goform/SetUpnpCfg handler caused by improper validation of the upnpEn parameter. Attackers can exploit remotely to execute arbitrary code or cause denial of service; public exploits/poC hav...
CVE-2025-11523 Tenda AC7 AdvSetLanip command injection
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter wifichkHz in the file /goform/WifiMacFilterSet that fails to correctly validate the length of the input data, and can be...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter ddnsEn in the file /goform/SetDDNSCfg that fails to correctly validate the length and size of the input data, and can be...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter Password in the file /goform/fastsettingpppoeset that fails to correctly validate the length and size of the input data, and c...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter enable in the file /goform/saveAutoQos that fails to correctly validate the length of the input data, and can be exploited by ...
Tenda AC7和Tenda AC18 安全漏洞
Tenda AC7 and Tenda AC18 are both products of Tenda, a Chinese company.Tenda AC7 is a wireless router.Tenda AC18 is a router. A security vulnerability exists in Tenda AC7 and Tenda AC18 versions 15.03.05.19 and 15.03.06.44, which originates from a buffer overflow due to improper handling of the...
Tenda AC7 Buffer Overflow Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the function formSetMacFilterCfg in the file /goform/setMacFilterCfg that fails to correctly validate the length and size of the input data,...
CVE-2024-48825
Tenda AC7 v.15.03.06.44 ateifconfigset has pre-authentication command injection allowing remote attackers to execute arbitrary code...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which is caused by improper handling of the pptpserverstartip/pptpserverendip parameters in the formSetPPTPServer function in the /goform/SetPptpServerCfg file...
Tenda AC7 安全漏洞
The Tenda AC7 is a wireless router manufactured by Tenda. A stack overflow vulnerability exists in the formSetFirewallCfg function of the /goform/SetFirewallCfg file in Tenda AC7 15.03.06.44 and earlier versions when handling the firewallEn parameter, which stems from the program failing to check...
Tenda AC7 命令注入漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A command injection vulnerability exists in Tenda AC7 version 15.03.06.44. The vulnerability stems from the TendaTelnet function in the /goform/telnet file failing to properly filter constructor command special characters, commands, et...
CVE-2024-32281
Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand function via the cmdinput parameter...
Unspecified Vulnerability in Tenda AC7 (CNVD-2024-20790)
Tenda AC7 is a wireless router from Tenda, a Chinese company. A security vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from a buffer overflow vulnerability in the list parameter of the formSetQosBand method. No details of the vulnerability are available at this time...
CVE-2024-2893
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The...