CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2024/04/26 7:0 p.m.•15 views

CVE-2024-4237 Tenda AX1806 execCommand R7WebsSecurityHandler stack-based overflow

9CVSS9.1AI score0.01451EPSS

Vulnrichment•added 2024/04/23 8:0 p.m.•15 views

CVE-2024-4064 Tenda AC8 execCommand R7WebsSecurityHandler stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. This vulnerability affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.2AI score0.01757EPSS

CVE•added 2024/04/23 8:0 p.m.•56 views

CVE-2024-4064

CVE-2024-4064 affects Tenda AC8 16.03.34.09. The R7WebsSecurityHandler function in /goform/execCommand mishandles the password parameter, causing a stack-based buffer overflow. This enables remote exploitation; the exploit has been disclosed publicly. Multiple sources (NVD, Red Hat, CNVD, CNNVD, ...

9CVSS7AI score0.01757EPSS

Exploits1References4Affected Software1

CNNVD•added 2024/04/23 12:0 a.m.•2 views

Tenda AC8 安全漏洞

Shenzhen Jixiang Tengda Technology Co., Ltd AC8 is a wireless router device that provides network connection and wireless management functions. A stack buffer overflow vulnerability exists in the R7WebsSecurityHandler function in the Shenzhen Jixiang Tengda Technology Co. AC8 /goform/execCommand...

9CVSS7.4AI score0.01757EPSS

BDU FSTEC•added 2024/04/19 12:0 a.m.•3 views

The vulnerability of the R7WebsSecurityHandler function (/goform/execCommand) in the Tenda AC500 router software allows a hacker to execute arbitrary code.

The vulnerability of function R7WebsSecurityHandler /goform/execCommand in the Tenda AC500 router software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially crafted POST request...

9CVSS8.6AI score0.01773EPSS

OSV•added 2024/04/17 12:15 p.m.•1 views

CVE-2024-3909

A vulnerability classified as critical was found in Tenda AC500 2.0.1.91307. Affected by this vulnerability is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The...

9.8CVSS6.4AI score

OSV•added 2024/04/17 11:15 a.m.•4 views

CVE-2024-3905

A vulnerability was found in Tenda AC500 2.0.1.91307. It has been classified as critical. This affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to initiate the attack remotely...

8.8CVSS6.2AI score0.01773EPSS

Vulnrichment•added 2024/04/17 10:31 a.m.•10 views

CVE-2024-3905 Tenda AC500 execCommand R7WebsSecurityHandler stack-based overflow

9CVSS7.1AI score0.01773EPSS

Cvelist•added 2024/04/17 10:31 a.m.•26 views

CVE-2024-3905 Tenda AC500 execCommand R7WebsSecurityHandler stack-based overflow

9CVSS9AI score0.01773EPSS

CNNVD•added 2024/04/17 12:0 a.m.•2 views

Tenda AC500 安全漏洞

Tenda AC500 is a Gigabit Port Access Controller from Tenda China. A security vulnerability exists in Tenda AC500 version 2.0.1.91307, which is caused by a buffer overflow in the password parameter of the R7WebsSecurityHandler method of the /goform/execCommand file...

9CVSS7.8AI score0.01773EPSS

CNVD•added 2024/03/29 12:0 a.m.•1 views

Tenda FH1203 formexeCommand Method Buffer Overflow Vulnerability

Tenda FH1203 is a dual-band wireless router from Tenda China, mainly used for home network coverage. The Tenda FH1203 suffers from a buffer overflow vulnerability that originates from the cmdinput parameter of the formexeCommand method of the /goform/execCommand file that fails to correctly...

9CVSS8.3AI score0.01481EPSS

Exploits1References1

OSV•added 2024/03/27 11:15 p.m.•2 views

CVE-2024-3008

A vulnerability, which was classified as critical, was found in Tenda FH1205 2.0.0.7775. Affected is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to launch the attack remotely. The explo...

8.8CVSS6.3AI score

CVE•added 2024/03/27 6:31 p.m.•55 views

CVE-2024-2990

CVE-2024-2990 affects Tenda FH1203 2.0.1.6 . The vulnerability is in the function formexeCommand of the file /goform/execCommand where manipulation of the argument cmdinput causes a stack-based buffer overflow . It can be exploited remotely, and the exploit has been disclosed publicly. The connec...

9CVSS8.9AI score0.01481EPSS

Exploits1References4Affected Software1

Cvelist•added 2024/03/27 1:31 p.m.•20 views

CVE-2024-2976 Tenda F1203 execCommand R7WebsSecurityHandler stack-based overflow

A vulnerability was found in Tenda F1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be launched...

9CVSS9AI score0.01669EPSS

CNNVD•added 2024/03/27 12:0 a.m.•2 views

Tenda FH1203 安全漏洞

9CVSS8.2AI score0.01481EPSS

CNNVD•added 2024/03/27 12:0 a.m.•4 views

Tenda F1203 安全漏洞

The Tenda F1203 is a wireless router from Tenda, a Chinese company. The Tenda F1203 version 2.0.1.6 suffers from a buffer overflow vulnerability, which originates from the failure of the password parameter of the R7WebsSecurityHandler method of the /goform/execCommand file to correctly validate t...

9CVSS8.4AI score0.01669EPSS