Lucene search
+L

18 matches found

Cvelist
Cvelist
added 2026/04/27 11:45 p.m.45 views

CVE-2026-7202 Totolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The...

10CVSS0.02448EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/03 1:48 a.m.9 views

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

7.5CVSS6AI score0.00447EPSS
Exploits1References1
NVD
NVD
added 2026/03/02 5:16 p.m.7 views

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

7.5CVSS0.00447EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.7 views

PT-2026-22622

Name of the Vulnerable Software and Affected Versions Tenda AC6V2.0 version 15.03.06.23 multi Description An issue exists in the /goform/WifiWpsStart component of the software. The index and mode parameters are controllable. When specific conditions are met during the sprintf function call, these...

7.5CVSS6.1AI score0.00447EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/03/02 12:0 a.m.26 views

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

0.00447EPSS
Exploits1References2
CVE
CVE
added 2026/03/02 12:0 a.m.10 views

CVE-2025-70252

CVE-2025-70252 affects Tenda AC6V2.0 (V15.03.06.23_multi). The vulnerability is in /goform/WifiWpsStart where the parameters index and mode are controllable. When certain conditions meet during an sprintf, data are spliced into a temporary buffer without size checking, leading to a stack overflow...

7.5CVSS6AI score0.00447EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/02 12:0 a.m.15 views

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

7.5CVSS6AI score0.00447EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/02 12:0 a.m.6 views

EUVD-2025-208181

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

6AI score0.00447EPSS
Exploits1References2
OSV
OSV
added 2025/04/23 4:15 p.m.5 views

CVE-2025-45429

In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...

9.8CVSS6.2AI score0.00959EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/23 12:0 a.m.6 views

Tenda AC9 安全漏洞

Tenda AC9 is a wireless router from Tenda, a Chinese company. The Tenda AC9 suffers from a buffer overflow vulnerability that originates from /goform/WifiWpsStart failing to properly validate the length and size of input data, which can be exploited by an attacker to execute arbitrary code on the...

9.8CVSS8.2AI score0.00959EPSS
Exploits1References1
OSV
OSV
added 2024/03/26 6:15 p.m.4 views

CVE-2024-2896

A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. This issue affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...

8.8CVSS6.5AI score0.01856EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/03/22 12:0 a.m.5 views

Tenda AC15 安全漏洞

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol with a theoretical transmission rate of 1900Mbps 600Mbps in 2.4GHz band and 1300Mbps in 5GHz band. Tenda AC15 suffers from a stack buffer overflow...

9.8CVSS8.3AI score0.01541EPSS
Exploits1References4
OSV
OSV
added 2024/03/20 5:15 p.m.6 views

CVE-2024-2706

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49. This affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

8.8CVSS6.2AI score0.01734EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.6 views

PT-2024-2349 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 Description: A critical issue was found in the function formWifiWpsStart of the file /goform/WifiWpsStart, which is related to a stack-based buffer overflow. This can be initiated remotely through the...

9CVSS8.8AI score0.01734EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.8 views

PT-2024-2497 · Tenda · Tenda Ac7

Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44 Description: A critical issue affects the formWifiWpsStart function of the /goform/WifiWpsStart file, leading to a stack-based buffer overflow due to the manipulation of the index argument. This issue can be...

9CVSS9AI score0.01856EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/11/21 12:0 a.m.8 views

PT-2022-27137 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.19 Description: The issue is related to a Buffer Overflow that can be triggered via the formWifiWpsStart function. This can potentially allow for unauthorized access or code execution. Recommendations: For Tenda AC...

9.8CVSS7.2AI score0.00682EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.8 views

Tenda AC10 缓冲区错误漏洞

The Tenda AC10 is a wireless router from China-based Tenda. A security vulnerability exists in Tenda AC10 firmware version V15.03.06.23, which originates from a stack buffer overflow in its /goform/formWifiWpsStart component...

9.8CVSS8.7AI score0.00928EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/02/04 2:15 a.m.2 views

CVE-2021-45740

TOTOLINK A720R v4.1.5cu.470B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service DoS via the pin parameter...

9.8CVSS5.9AI score0.01363EPSS
Exploits1References2
Rows per page
Query Builder