CVE-2025-55605

Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter...

CVE-2025-55503

Tenda AC6 V15.03.06.23multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function...

CVE-2025-55503

Tenda AC6 V15.03.06.23multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function...

Tenda AC6 安全漏洞

Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. Tenda AC6 suffers from a buffer overflow vulnerability, which originates from the deviceName parameter in th...

CVE-2025-55503

Tenda AC6 V15.03.06.23multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function...

CVE-2025-55503

Tenda AC6 V15.03.06.23multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function...

PT-2025-34056 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.06.23 multi Description: The Tenda AC6 router firmware contains a stack overflow vulnerability. This issue is triggered via the deviceName parameter within the saveParentControlInfo function. Recommendations: Update to...

Linksys多款产品 命令注入漏洞

The Linksys RE6250, among others, is a wireless extender from Linksys USA. A command injection vulnerability exists in various Linksys products. The vulnerability stems from improper manipulation of the DeviceName parameter in the setDeviceName function, which may result in os command injection...

CVE-2024-30645

Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...

CVE-2024-30593

Tenda FH1202 v1.2.0.14408 has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function...

CVE-2024-28545

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function...

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44872

CVE-2025-44872 affects the Tenda AC9 router (version 15.03.06.42_multi). A command injection flaw exists in the formsetUsbUnload function via the deviceName parameter, allowing an attacker to execute arbitrary commands through a crafted request. Reported impact is high (CVE CVSS v3.1: AV:N/AC:L/P...

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

Netgear DC112A deviceName Command Injection Vulnerability

The Netgear DC112A is a wireless router. The Netgear DC112A suffers from a command injection vulnerability that originates in the usbadv.cgi handling of the deviceName parameter, which can be exploited by an attacker to submit a special request and execute arbitrary commands...

CVE-2025-28219

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usbadv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request...

NETGEAR DC112A 安全漏洞

The Netgear DC112A is a wireless router. The Netgear DC112A suffers from a command injection vulnerability that originates in the usbadv.cgi handling of the deviceName parameter, which can be exploited by an attacker to submit a special request and execute arbitrary commands...