Lucene search
K

4490 matches found

EUVD
EUVD
added 2026/06/08 3:0 p.m.12 views

EUVD-2026-35084

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 3:0 p.m.10 views

CVE-2026-11524 Tenda W20E Web Management modifyWifiFilterRules stack-based overflow

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/08 2:45 p.m.39 views

CVE-2026-11523 Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

9CVSS0.00466EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 2:45 p.m.11 views

CVE-2026-11523 Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 2:45 p.m.13 views

EUVD-2026-35080

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 9:16 a.m.12 views

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

9CVSS0.03799EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/08 6:45 a.m.47 views

CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

9CVSS0.03799EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 6:45 a.m.8 views

CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

9CVSS8.3AI score0.03799EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 6:45 a.m.31 views

CVE-2026-11498

CVE-2026-11498 affects Tenda HG7HG9/HG10 devices (Web Management Interface) due to a stack-based buffer overflow in function asp_voip_OtherSet within the /boaform/voip_other_set module. The issue is triggered by manipulating the funckey_transfer parameter and can be exploited remotely over the ne...

9CVSS8.3AI score0.03799EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47309

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

9CVSS6.2AI score0.00466EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter “gotoUrl” in the formPortalAuth function of the Web Management Interface component,...

9CVSS8.6AI score0.00466EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Tenda HG7 缓冲区错误漏洞

The Tenda HG7 is a dual-band Wi-Fi optical network terminal device from the Chinese company Tenda. The Tenda HG7 300001138enxpon version has a buffer error vulnerability. This vulnerability stems from an error in the function aspvoipOtherSet in the Web Management Interface component, where the...

9CVSS8.5AI score0.03799EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47438

Name of the Vulnerable Software and Affected Versions Tenda F451 versions 1.0.0.7 through 1.0.0.9 Description A stack-based buffer overflow exists in the Web Management Interface. This issue occurs within the fromNatlimit function located in the /goform/Natlimit file. A remote attacker can trigge...

9CVSS8.8AI score0.00476EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Tenda F451 缓冲区错误漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain buffer overflow vulnerabilities. These vulnerabilities stem from improper handling of the parameter “page” in the fromNatlimit function within the Web Management...

9CVSS8.6AI score0.00476EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Tenda AC18 缓冲区错误漏洞

The Tenda AC18 is a router produced by the Chinese company Tenda. The version 15.03.05.05 of the Tenda AC18 contains a buffer error vulnerability. This vulnerability stems from improper handling of parameters in the sub45304 function of the goform/getRebootStatus file within the Web Management...

9CVSS8.5AI score0.00466EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47308

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

9CVSS8.4AI score0.00466EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Tenda F451 命令注入漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the parameter “mac” in the formWriteFacMac function within the Web Management...

9CVSS8AI score0.01614EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.19 views

PT-2026-47437

Name of the Vulnerable Software and Affected Versions Tenda F451 versions 1.0.0.7 through 1.0.0.9 Description A security flaw in the Web Management Interface allows remote exploitation via OS command injection. The issue exists within the formWriteFacMac function located in the /goform/WriteFacMa...

9CVSS8AI score0.01614EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.12 views

CVE-2026-36958

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the...

7.5CVSS5.4AI score0.00323EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36956

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An...

8.8CVSS5.5AI score0.00163EPSS
Exploits1References1
Rows per page
Query Builder