CVE-2026-3974

A vulnerability was identified in Tenda W3 1.0.0.32204. This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be performed from remote. Th...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “cmdinput” in the file/goform/exeCommand, which may lead to a stack buffer overflo...

CVE-2026-3802

A vulnerability was determined in Tenda i3 1.0.0.62204. Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been...

PT-2026-24012

Name of the Vulnerable Software and Affected Versions Tenda i3 version 1.0.0.62204 Description A stack-based buffer overflow issue exists in the formexeCommand function located in the /goform/exeCommand file. Manipulation of the cmdinput argument can trigger this issue, potentially allowing for...

Tenda M3 /goform/exeCommand File Stack Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the wrong operation of the parameter cmdinput in the file...

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

Tenda M3 安全漏洞

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the wrong operation of the parameter cmdinput in the file...

EUVD-2025-29169

Malicious code in bioql PyPI...

CVE-2025-10442

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10442

CVE-2025-10442 affects Tenda AC9 and AC15 with firmware 15.03.05.14. The vulnerability is in the function formexeCommand of /goform/exeCommand, where unsanitized cmdinput leads to OS command injection. Remote exploitation is possible and the exploit has been publicly disclosed. Affected devices c...

Tenda AC9和Tenda AC15 安全漏洞

The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda China. A security vulnerability exists in Tenda AC9 and Tenda AC15 versions 15.03.05.14 and 15.03.05.18, which originates from an incorrect manipulation of the parameter cmdinput in the file /goform/exeCommand, which could result i...

Tenda AC9和Tenda AC15 操作系统命令注入漏洞

The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda, a Chinese company. An OS command injection vulnerability exists in Tenda AC9 and Tenda AC15 version 15.03.05.14. The vulnerability stems from the incorrect operation of the function formexeCommand in the file /goform/exeCommand on...

Tenda CH22 /goform/exeCommand File Buffer Overflow Vulnerability

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...

CVE-2024-32314

Tenda AC500 V2.0.1.91307 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

CVE-2024-32282

Tenda FH1202 v1.2.0.14408 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

CVE-2024-32292

Tenda W30E v1.0 V1.0.1.25633 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

CVE-2024-32283

Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter...