4490 matches found
EUVD-2026-35084
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
CVE-2026-11524 Tenda W20E Web Management modifyWifiFilterRules stack-based overflow
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
CVE-2026-11523 Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
CVE-2026-11523 Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
EUVD-2026-35080
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
CVE-2026-11498
A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...
CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow
A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...
CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow
A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...
CVE-2026-11498
CVE-2026-11498 affects Tenda HG7HG9/HG10 devices (Web Management Interface) due to a stack-based buffer overflow in function asp_voip_OtherSet within the /boaform/voip_other_set module. The issue is triggered by manipulating the funckey_transfer parameter and can be exploited remotely over the ne...
PT-2026-47309
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
Tenda W20E 缓冲区错误漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter “gotoUrl” in the formPortalAuth function of the Web Management Interface component,...
Tenda HG7 缓冲区错误漏洞
The Tenda HG7 is a dual-band Wi-Fi optical network terminal device from the Chinese company Tenda. The Tenda HG7 300001138enxpon version has a buffer error vulnerability. This vulnerability stems from an error in the function aspvoipOtherSet in the Web Management Interface component, where the...
PT-2026-47438
Name of the Vulnerable Software and Affected Versions Tenda F451 versions 1.0.0.7 through 1.0.0.9 Description A stack-based buffer overflow exists in the Web Management Interface. This issue occurs within the fromNatlimit function located in the /goform/Natlimit file. A remote attacker can trigge...
Tenda F451 缓冲区错误漏洞
The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain buffer overflow vulnerabilities. These vulnerabilities stem from improper handling of the parameter “page” in the fromNatlimit function within the Web Management...
Tenda AC18 缓冲区错误漏洞
The Tenda AC18 is a router produced by the Chinese company Tenda. The version 15.03.05.05 of the Tenda AC18 contains a buffer error vulnerability. This vulnerability stems from improper handling of parameters in the sub45304 function of the goform/getRebootStatus file within the Web Management...
PT-2026-47308
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
Tenda F451 命令注入漏洞
The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the parameter “mac” in the formWriteFacMac function within the Web Management...
PT-2026-47437
Name of the Vulnerable Software and Affected Versions Tenda F451 versions 1.0.0.7 through 1.0.0.9 Description A security flaw in the Web Management Interface allows remote exploitation via OS command injection. The issue exists within the formWriteFacMac function located in the /goform/WriteFacMa...
CVE-2026-36958
A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the...
CVE-2026-36956
A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An...