103 matches found
CVE-2025-9812
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
CVE-2025-9812
The CVE-2025-9812 entry concerns Tenda CH22 (v1.0.0.1). The vulnerability is in the /goform/exeCommand flow, specifically the formexeCommand function, where unsafely processed input cmdinput can cause a buffer overflow. This could enable remote exploitation, with public disclosure noted in the so...
CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow
A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclose...
PT-2025-35536
Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1 Description: A buffer overflow issue exists in the formexeCommand function of the /goform/exeCommand file. Manipulation of the cmdinput argument can lead to a buffer overflow, potentially allowing for remote...
VulnCheck KEV: CVE-2024-30891
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
Tenda FH1201 安全漏洞
The Tenda FH1201 is a wireless router from Tenda China. The Tenda FH1201 suffers from a command injection vulnerability, which originates from the cmdinput parameter at /goform/exeCommand failing to correctly filter constructed command special characters, commands, etc. This vulnerability can be...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
CVE-2024-41468
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...
VulnCheck KEV: CVE-2022-35555
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.94122, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2024-34942
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...
CVE-2024-34942
Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...
Tenda FH1206 安全漏洞
The Tenda FH1206 is a wireless router from Tenda China. The Tenda FH1206 suffers from a buffer overflow vulnerability that originates from the funcpara1 parameter in ip/goform/exeCommand that fails to properly validate the length of the input data, which can be exploited by an attacker to execute...
CVE-2024-34942
Tenda FH1206 router (firmware 1.2.0.8(8155) EN) contains a stack-based buffer overflow in the ip/goform/exeCommand endpoint, triggered by the funcpara1 parameter. This could allow arbitrary code execution or a denial of service. Exploitation status is not provided in the documents; no exploit det...
Tenda AC18 /goform/exeCommand Command Injection Vulnerability
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands...
CVE-2024-30891
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...
Tenda AC18 安全漏洞
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands...
PT-2024-23662 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A command injection issue exists, allowing attackers to execute arbitrary commands by constructing cmdinput parameters in the "/goform/exeCommand" API endpoint. Recommendations: For Tenda AC18 versi...