Tenda M3 安全漏洞

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the wrong operation of the parameter cmdinput in the file...

PT-2025-53719

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.134903 Description A stack-based buffer overflow exists in Tenda M3. The issue is due to manipulation of the cmdinput argument within an unknown function of the /goform/exeCommand file. This allows for remote attacks. Th...

EUVD-2025-26390

Malicious code in bioql PyPI...

CVE-2025-10442

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10443

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly...

CVE-2025-10443

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly...

CVE-2025-10443

The CVE-2025-10443 entry concerns Tenda AC9/AC15 devices (firmware versions 15.03.05.14 and 15.03.05.18) with a vulnerability in the function formexeCommand in /goform/exeCommand. The issue arises from improper handling of the cmdinput parameter, leading to a buffer overflow. Exploitation can be ...

CVE-2025-10443 Tenda AC9/AC15 exeCommand formexeCommand buffer overflow

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly...

CVE-2025-10442

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10442

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-10442

CVE-2025-10442 affects Tenda AC9 and AC15 with firmware 15.03.05.14. The vulnerability is in the function formexeCommand of /goform/exeCommand, where unsanitized cmdinput leads to OS command injection. Remote exploitation is possible and the exploit has been publicly disclosed. Affected devices c...

PT-2025-37472

Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.05.14 Tenda AC9 version 15.03.05.18 Tenda AC15 version 15.03.05.14 Tenda AC15 version 15.03.05.18 Description: A vulnerability exists in Tenda AC9 and AC15 devices. The vulnerability affects the formexeCommand function...

Tenda AC9和Tenda AC15 安全漏洞

The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda China. A security vulnerability exists in Tenda AC9 and Tenda AC15 versions 15.03.05.14 and 15.03.05.18, which originates from an incorrect manipulation of the parameter cmdinput in the file /goform/exeCommand, which could result i...

Tenda AC9和Tenda AC15 操作系统命令注入漏洞

The Tenda AC9 and Tenda AC15 are both wireless routers from Tenda, a Chinese company. An OS command injection vulnerability exists in Tenda AC9 and Tenda AC15 version 15.03.05.14. The vulnerability stems from the incorrect operation of the function formexeCommand in the file /goform/exeCommand on...

PT-2025-37470

Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.05.14 Tenda AC15 version 15.03.05.14 Description: A vulnerability exists due to the manipulation of the cmdinput argument in the formexeCommand function within the /goform/exeCommand file, leading to OS command...

CVE-2025-9812

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...

Tenda CH22 /goform/exeCommand File Buffer Overflow Vulnerability

Tenda CH22 is an enterprise-grade wireless router from Tenda brand. Tenda CH22 suffers from a buffer overflow vulnerability, which originates from the parameter cmdinput in the file /goform/exeCommand that fails to correctly validate the length and size of the input data, which can be exploited b...

CVE-2025-9812

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...