SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the query construction in the TSDB access code. An attacker can execute arbitrary TSDB queries by supplying crafted starttime, endtime, or column/table-related values that are interpolated directly into SQL strings. Th...

CVE-2026-2873

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2026-2873

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2026-2873

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2026-2873

CVE-2026-2873 affects Tenda A21 firmware (1.0.0.0) where the setSchedWifi function in /goform/openSchedWifi is vulnerable to a stack-based buffer overflow caused by manipulated schedStartTime/schedEndTime arguments. The vulnerability can be triggered remotely, and the exploit is public (exploit m...

CVE-2026-2181

A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated...

CVE-2026-2181

A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated...

CVE-2026-2181 Tenda RX3 openSchedWifi stack-based overflow

A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated...

CVE-2026-2181

A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated...

Tenda RX3 安全漏洞

The Tenda RX3 is a dual-band WiFi 6 home router produced by the Chinese company Tenda. It is used for network coverage in households and supports high-speed wireless connections. The version 16.03.13.11 of the Tenda RX3 contains a security vulnerability. This vulnerability stems from incorrect...

Tenda AC9 安全漏洞

The Tenda AC9 is a wireless router produced by the Chinese company Tenda. The Tenda AC9 15.03.06.42multi version has a security vulnerability. This vulnerability stems from improper handling of the parameters sys.schedulereboot.starttime and sys.schedulereboot.endtime in the formGetRebootTimer...

CVE-2025-14656

A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing a manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has been made availab...

PT-2025-43396

Name of the Vulnerable Software and Affected Versions Tenda AC6 version 15.03.06.50 Description The software contains multiple buffer overflow flaws within the openSchedWifi function. An attacker can leverage these to trigger a Denial of Service DoS condition by injecting a specially crafted...

EUVD-2013-4093

Malware in sbrugna...

Code-Projects Simple Scheduling System SQL注入漏洞

Simple Scheduling System is a simple scheduling system. Simple Scheduling System has a SQL injection vulnerability that originates from the starttime/endtime parameters in the /addtime.php file not being securely filtered. An attacker can exploit this vulnerability to execute malicious SQL comman...

CVE-2025-46035

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint...

CVE-2024-30600

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function...

TOTOLINK A810R 安全漏洞

The TOTOLINK A810R is a wireless dual-band router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A810R version V4.1.2cu.5182B20201026, which stems from the startTime and endTime parameters in the setParentalRules function failing to correctly validate t...

CVE-2025-29363

Tenda RX3 USRX3V1.0brV16.03.13.11multiTDE01 is vulnerable to buffer overflow via the schedStartTime and schedEndTime parameters at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...

Tenda RX3 安全漏洞

Tenda RX3 is a dual-band WiFi home wireless router from China's Tenda. A buffer overflow vulnerability exists in Tenda RX3. The vulnerability originates from a buffer overflow in the schedStartTime and schedEndTime parameters in /goform/saveParentControlInfo, which can lead to a denial of service...