CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 10:51 a.m.•2 views

CVE-2022-42077

Tenda AC1206 USAC1206V1.0RTLV15.03.06.23multiTD01 is vulnerable to Cross Site Request Forgery CSRF via function fromSysToolReboot...

6.5CVSS7AI score0.00101EPSS

RedhatCVE•added 2026/01/09 10:50 a.m.•4 views

CVE-2022-42079

Tenda AC1206 USAC1206V1.0RTLV15.03.06.23multiTD01 was discovered to contain a stack overflow via the function formWifiBasicSet...

7.5CVSS7.8AI score0.00354EPSS

RedhatCVE•added 2026/01/09 10:50 a.m.•5 views

CVE-2022-37814

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the deviceid parameters in the function addWifiMacFilter...

9.8CVSS7.4AI score0.00459EPSS

RedhatCVE•added 2026/01/09 10:50 a.m.•2 views

CVE-2022-37805

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromWizardHandle...

RedhatCVE•added 2026/01/09 10:50 a.m.•4 views

CVE-2022-37810

Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac...

9.8CVSS8AI score0.17859EPSS

RedhatCVE•added 2026/01/09 10:50 a.m.•0 views

CVE-2022-37799

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement...

9.8CVSS7.8AI score0.00459EPSS

RedhatCVE•added 2026/01/09 10:50 a.m.•1 views

CVE-2022-37809

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speeddir parameter in the function formSetSpeedWan...

9.8CVSS7.8AI score0.00459EPSS

RedhatCVE•added 2026/01/09 10:49 a.m.•5 views

CVE-2022-37801

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand...

RedhatCVE•added 2026/01/09 10:49 a.m.•3 views

CVE-2022-37806

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient...

RedhatCVE•added 2026/01/09 10:49 a.m.•3 views

CVE-2022-37815

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex...

RedhatCVE•added 2026/01/09 10:49 a.m.•2 views

CVE-2022-37802

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting...

RedhatCVE•added 2026/01/09 10:49 a.m.•1 views

CVE-2022-37811

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer...

9.8CVSS7.8AI score0.00459EPSS

RedhatCVE•added 2026/01/06 8:5 a.m.•2 views

CVE-2026-0581

A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected by this issue is the function formBehaviorManager of the file /goform/BehaviorManager of the component httpd. Executing a manipulation of the argument modulename/option/data/switch can lead to command injection. The attack can b...

6.5CVSS7.1AI score0.0068EPSS

NVD•added 2026/01/05 9:15 a.m.•2 views

CVE-2026-0581

9.8CVSS0.0068EPSS

OSV•added 2026/01/05 9:15 a.m.•0 views

CVE-2026-0581

9.8CVSS5.6AI score0.0068EPSS

Vulnrichment•added 2026/01/05 8:2 a.m.•1 views

CVE-2026-0581 Tenda AC1206 httpd BehaviorManager formBehaviorManager command injection

6.5CVSS6.9AI score0.0068EPSS

CVE•added 2026/01/05 8:2 a.m.•8 views

CVE-2026-0581

CVE-2026-0581 affects Tenda AC1206 (firmware 15.03.06.23) with a vulnerable httpd component. The bug resides in the formBehaviorManager function in /goform/BehaviorManager, where manipulating the modulename/option/data/switch arguments can trigger a remote command injection. Multiple connected so...

9.8CVSS6.6AI score0.0068EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/01/05 8:2 a.m.•23 views

CVE-2026-0581 Tenda AC1206 httpd BehaviorManager formBehaviorManager command injection

6.5CVSS0.0068EPSS