18 matches found
CVE-2026-7202 Totolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injection
A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The...
CVE-2025-70252
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
CVE-2025-70252
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
PT-2026-22622
Name of the Vulnerable Software and Affected Versions Tenda AC6V2.0 version 15.03.06.23 multi Description An issue exists in the /goform/WifiWpsStart component of the software. The index and mode parameters are controllable. When specific conditions are met during the sprintf function call, these...
CVE-2025-70252
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
CVE-2025-70252
CVE-2025-70252 affects Tenda AC6V2.0 (V15.03.06.23_multi). The vulnerability is in /goform/WifiWpsStart where the parameters index and mode are controllable. When certain conditions meet during an sprintf, data are spliced into a temporary buffer without size checking, leading to a stack overflow...
CVE-2025-70252
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
EUVD-2025-208181
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
CVE-2025-45429
In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...
Tenda AC9 安全漏洞
Tenda AC9 is a wireless router from Tenda, a Chinese company. The Tenda AC9 suffers from a buffer overflow vulnerability that originates from /goform/WifiWpsStart failing to properly validate the length and size of input data, which can be exploited by an attacker to execute arbitrary code on the...
CVE-2024-2896
A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. This issue affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...
Tenda AC15 安全漏洞
Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol with a theoretical transmission rate of 1900Mbps 600Mbps in 2.4GHz band and 1300Mbps in 5GHz band. Tenda AC15 suffers from a stack buffer overflow...
CVE-2024-2706
A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49. This affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
PT-2024-2349 · Tenda · Tenda Ac10
Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 Description: A critical issue was found in the function formWifiWpsStart of the file /goform/WifiWpsStart, which is related to a stack-based buffer overflow. This can be initiated remotely through the...
PT-2024-2497 · Tenda · Tenda Ac7
Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44 Description: A critical issue affects the formWifiWpsStart function of the /goform/WifiWpsStart file, leading to a stack-based buffer overflow due to the manipulation of the index argument. This issue can be...
PT-2022-27137 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.19 Description: The issue is related to a Buffer Overflow that can be triggered via the formWifiWpsStart function. This can potentially allow for unauthorized access or code execution. Recommendations: For Tenda AC...
Tenda AC10 缓冲区错误漏洞
The Tenda AC10 is a wireless router from China-based Tenda. A security vulnerability exists in Tenda AC10 firmware version V15.03.06.23, which originates from a stack buffer overflow in its /goform/formWifiWpsStart component...
CVE-2021-45740
TOTOLINK A720R v4.1.5cu.470B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service DoS via the pin parameter...