CVE-2026-31846

CVE-2026-31846 affects Nexxt Solutions Nebula 300+ firmware up to 12.01.01.37. A missing authentication flaw exists on the /goform/ate endpoint, allowing an adjacent unauthenticated attacker to retrieve sensitive information, including the administrator password. The response exposes parameters s...

CVE-2025-57219

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 allows attackers to escalate privileges or access sensitive components via a crafted request...

PT-2024-26261 · Tenda · Tenda Fh1206

Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version 1.2.0.88155 EN Description: A stack-based buffer overflow issue was found via the funcpara1 parameter at the "ip/goform/exeCommand" endpoint. Recommendations: For Tenda FH1206 version 1.2.0.88155 EN, avoid using the...

PT-2024-2461 · Tenda · Tenda F1203

Name of the Vulnerable Software and Affected Versions: Tenda FH1203 version 2.0.1.6 Description: The issue is related to a stack overflow vulnerability in the fromDhcpListClient function, specifically with the list1 parameter. This vulnerability can be exploited by a remote attacker to impact the...

PT-2024-2216 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A vulnerability was found in the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. This issue is related to insufficient authentication of executed requests, which can lead to...

CVE-2023-34566

Tenda AC10 v4 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo...