37 matches found
EUVD-2019-14676
Malware in sbrugna...
EUVD-2019-14677
Malware in sbrugna...
EUVD-2025-12188
Malicious code in bioql PyPI...
EUVD-2022-33002
Malicious code in bioql PyPI...
The vulnerability of the fromSysToolRestoreSet() function in the microprogramming software for Tenda AC9 allows a attacker to perform a CSRF attack.
The vulnerability of the fromSysToolRestoreSet function in the Tenda AC9 router’s microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability could allow a remote attacker to execute a CSRF attack...
The vulnerability of the HTTP POST Request Handler component of the fromadvsetlanip() function in the Tenda AC9 router’s microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the HTTP POST Request Handler component of the fromadvsetlanip function in the Tenda AC9 router’s microprogramming system is related to buffer overflow in the stack during the processing of the lanMask parameter. Exploiting this vulnerability allows an attacker to compromise...
The vulnerability of the HTTP POST Request Handler component of the formSetSafeWanWebMan() function in the Tenda AC9 router’s microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the HTTP POST Request Handler component of the formSetSafeWanWebMan function in the Tenda AC9 router’s microprogramming system is related to buffer overflow in the stack during the processing of the remoteIp parameter. Exploiting this vulnerability allows an attacker to...
Tenda AC9 注入漏洞
Tenda AC9 is a wireless router from Tenda, a Chinese company. The Tenda AC9 suffers from a command injection vulnerability that stems from the parameter list in the file /goform/SetIPTVCfg failing to properly filter constructed command special characters, commands, and so on. No details of the...
The vulnerability of the formSetSambaConf() function in the Tenda AC9 router software allows a hacker to execute arbitrary code.
The vulnerability of the formSetSambaConf function in the Tenda AC9 router software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2022-28560
There is a stack overflow vulnerability in the goform/fastsettingwifiset function in the httpd service of Tenda ac9 15.03.2.21cn router. An attacker can obtain a stable shell through a carefully constructed payload...
CVE-2025-45429
In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...
CVE-2025-45429
In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...
CVE-2025-45429
In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...
CVE-2025-45429
In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...
CVE-2025-45429
In the Tenda ac9 v1.0 router with firmware V15.03.05.14multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution...
The vulnerability of the fromAdvSetMacMtuWan() function in the Tenda AC9 router’s software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromAdvSetMacMtuWan function in the Tenda AC9 router’s microprogramming software is related to the buffer overflow attack when processing the wanMTU parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...
CVE-2019-5071
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS1 post...
CVE-2019-5072
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS2 post...
Tenda AC9 Command Injection Vulnerability
Tenda AC9 is a wireless router from Tenda, a Chinese company. The Tenda AC9 suffers from a command injection vulnerability, which originated when /goform/SetSambaCfg was found to contain a command injection vulnerability. An attacker can exploit this vulnerability to remotely execute arbitrary co...
CVE-2023-41560
Tenda AC9 V3.0 V15.03.06.42multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg...