69 matches found
CVE-2026-5609 Tenda i12 Parameter wifiSSIDset formwrlSSIDset stack-based overflow
A flaw has been found in Tenda i12 1.0.0.113862. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wlradio causes stack-based buffer overflow. It is possible to initiate the...
CVE-2026-4007
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2026-4043
A security vulnerability has been detected in Tenda i12 1.0.0.62204. The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclos...
CVE-2026-4008
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
EUVD-2026-11540
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2026-4007
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2026-4008
CVE-2026-4008 affects Tenda W3 1.0.0.3(2204). The flaw occurs in the POST Parameter Handler for the /goform/wifiSSIDset path, where manipulation of the argument index/GO leads to a stack-based buffer overflow. It can be exploited remotely, and an exploit has been published. Affected version detai...
CVE-2026-4008
A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2026-4007 Tenda W3 POST Parameter wifiSSIDget stack-based overflow
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2026-4007
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2026-3971 Tenda i3 wifiSSIDset formwrlSSIDset stack-based overflow
A vulnerability has been found in Tenda i3 1.0.0.62204. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has bee...
CVE-2026-3971 Tenda i3 wifiSSIDset formwrlSSIDset stack-based overflow
A vulnerability has been found in Tenda i3 1.0.0.62204. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has bee...
Tenda W3 安全漏洞
The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the component POST Parameter Handler, specifically the...
Tenda i12 安全漏洞
The Tenda i12 is a wireless access point from the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i12 contains a security vulnerability. This vulnerability stems from an incorrect operation of the parameter index in the function formwrlSSIDget in the file/goform/wifiSSIDget, which may lea...
CVE-2026-25196
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the Wi-Fi SSID and/or password fields can lead to remote code execution when the configuration is...
CVE-2026-25196 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the Wi-Fi SSID and/or password fields can lead to remote code execution when the configuration is...
CVE-2026-25196
CVE-2026-25196 is an OS command injection affecting XWEB Pro before 1.12.1. An authenticated attacker can achieve remote code execution by supplying malicious input in the Wi‑Fi SSID and/or password fields during configuration processing. Multiple sources (Red Hat, NVD, EUVD, CVE records) describ...
CVE-2020-37150
Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizardreboot.asp page in unsetup mode, which discloses the Wi-Fi SSID and security key. Attackers can retrieve the wireless password by sending a GET request to this endpoint, exposing sensitive information without...
CVE-2020-37150 Edimax Technology EW-7438RPn-v3 Mini 1.27 - Unauthorized Access: Wi-Fi Password Disclosure
Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizardreboot.asp page in unsetup mode, which discloses the Wi-Fi SSID and security key. Attackers can retrieve the wireless password by sending a GET request to this endpoint, exposing sensitive information without...
RockyLinux 8 : kernel-rt (RLSA-2025:19103)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19103 advisory. kernel: Bluetooth: L2CAP: fix bad unlock balance in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare...