290 matches found
EUVD-2026-36078
An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to execute arbitrary commands on the device by importing a specially crafted VPN client configuration...
TP-LINK Archer 操作系统命令注入漏洞
TP-LINK Archer is a series of routers produced by TP-LINK Corporation. The TP-LINK Archer has a vulnerability related to operating system command injection, which stems from improper filtering of special characters in the VPN module. This vulnerability may allow adjacent, authenticated attackers ...
CVE-2026-1610
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
EUVD-2026-4968
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
CVE-2026-1610
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...
CVE-2026-1610
CVE-2026-1610 affects Tenda AX12 Pro V2 (firmware 16.03.49.24_cn). The Telnet Service contains a vulnerability that allows remote manipulation leading to hard-coded credentials. Exploitation is described as remote, with high complexity, and the exploit has been publicly disclosed. No remediation ...
PT-2026-5329
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24 cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is neede...
Tenda AX12 Pro Trust Management Vulnerability
The Tenda AX12 Pro is a router produced by the Chinese company Tenda. The Tenda AX12 Pro V2 16.03.49.24cn version has a vulnerability related to trust management. This vulnerability stems from hard-coded credentials in the Telnet Service...
CVE-2023-49427
Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service DoS via list parameter in SetNetControlList function...
CVE-2023-49424
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg...
CVE-2023-49437
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList...
CVE-2023-49428
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName...
CVE-2022-37292
Tenda AX12 V22.03.01.21CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub42FDE4 function, which satisfies the request of the upper-level interface function sub430124, that is, handles the post request under /goform/SetIpMacBind...
CVE-2022-27374
Tenda AX12 V22.03.01.21CN was discovered to contain a Cross-Site Request Forgery CSRF via the function sub42E328 at /goform/SysToolReboot...
CVE-2022-27375
Tenda AX12 V22.03.01.21CN was discovered to contain a Cross-Site Request Forgery CSRF via the function sub422168 at /goform/WifiExtraSet...
EUVD-2023-53389
Malicious code in bioql PyPI...
EUVD-2022-47968
Malicious code in bioql PyPI...
EUVD-2022-48816
Malicious code in bioql PyPI...