71 matches found
CVE-2024-57214
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the resetwifi function...
CVE-2024-57225
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the resetwifi function...
Linksys E7350 安全漏洞
The Linksys E7350 is a wireless router device from Leadsys. A security vulnerability exists in the handling of the devname parameter by the Linksys E7350 resetwifi function, which can be exploited by a remote attacker to submit a special request that can be used in the application context to...
CVE-2024-57225
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the resetwifi function...
TOTOLINK A6000R 安全漏洞
The TOTOLINK A6000R is a high-performance wireless router that utilizes advanced technology and design to provide users with an outstanding networking experience. TOTOLINK A6000R suffers from a command injection vulnerability, which originates from the devname parameter of the resetwifi function,...
PT-2025-3412 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: A command injection issue was discovered, affecting the reset wifi function through the devname parameter. This allows for potential exploitation. No information is provided about the...
CVE-2024-57225
CVE-2024-57225 affects Linksys E7350 router firmware
The vulnerability of the formSetDeviceName() function (/goform/SetOnlineDevName) in the Tenda AC6 router’s microprogramming software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the formSetDeviceName function /goform/SetOnlineDevName of the Tenda AC6 router’s microprogramming software is related to the issue where the operation exits the buffer boundaries in memory when processing the mac and devName parameters. Exploiting this vulnerability could...
The vulnerability of the formSetDeviceName() function (/goform/SetOnlineDevName) in the Tenda AC15 router’s microprogramming software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the formSetDeviceName function /goform/SetOnlineDevName in the Tenda AC15 router’s microprogramming software is related to the issue where the operation exits the buffer boundaries in memory when processing the devName parameter. Exploiting this vulnerability could allow a...
CVE-2024-6402
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched remotely...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC7 version 15.03.06.44 due to a buffer overflow in the devName parameter of the formSetDeviceName method...
Tenda A15 安全漏洞
Tenda A15 is a WiFi extender from Tenda China. A buffer overflow vulnerability exists in Tenda A15 version 15.13.07.13, which originates from the devName parameter of the /goform/SetOnlineDevName file failing to correctly validate the length of the input data, and can be exploited by a remote...
CVE-2023-50585
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function...
Stack overflow
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function...
CVE-2023-50585
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function...
CVE-2023-50585
CVE-2023-50585 affects Tenda A18 v15.13.07.09. The vulnerability is a stack overflow in the formSetDeviceName function caused by the devName parameter, enabling there to be exploitation remotely via network without user interaction. The cited CVSSv3.1 metrics indicate a CRITICAL impact (C:H, I:H,...
CVE-2023-49047
Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName...
Stack overflow
Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName...
CVE-2023-49046
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule...
Stack overflow
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule...