CVE-2026-7102 Tenda F456 httpd WriteFacMac FromWriteFacMac command injection

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

CVE-2026-7102 Tenda F456 httpd WriteFacMac FromWriteFacMac command injection

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

CVE-2026-5153

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-4554

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

Mercury D196G 安全漏洞

The Mercury D196G is a wireless router from Mercury China. A security vulnerability exists in the Mercury D196G d196gv1-cn-up2020-01-0911.21.44 version, which stems from improper handling of the facpassword parameter, which could lead to a buffer overflow...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

PT-2025-51752

Name of the Vulnerable Software and Affected Versions Mercury D196G version d196gv1-cn-up 2020-01-09 11.21.44 Description The software is susceptible to a buffer overflow issue. This occurs in the sub 404CAEDC function through the fac password parameter. Recommendations At the moment, there is no...

CVE-2025-50402

FAST FAC1200R F400FAC1200RQ is vulnerable to Buffer Overflow in the function sub80435780 via the parameter string facpassword...

CVE-2025-50402

FAST FAC1200R F400_FAC1200R_Q is reported vulnerable to a buffer overflow in function sub_80435780 triggered through the fac_password parameter. CVSS 3.1 base score 9.8 (Network, Very Low complexity, No privileges required, User interaction none; impacts Confidentiality, Integrity, Availability) ...

FAST FAC1200R 安全漏洞

The FAST FAC1200R is a wireless router from China-based FAST FAST. A security vulnerability exists in the FAST FAC1200R that originates from a buffer overflow due to the parameter facpassword in the sub80435780 function...

EUVD-2007-2096

Malware in sbrugna...

CVE-2024-3908

A vulnerability classified as critical has been found in Tenda AC500 2.0.1.91307. Affected is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...

PT-2024-2459 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda F1202 version 1.2.0.20408 Description: The issue is related to the formWriteFacMac function, specifically the /goform/WriteFacMac API endpoint, where a command injection vulnerability exists due to inadequate data cleaning at the...

CVE-2024-2982

A vulnerability has been found in Tenda FH1202 1.2.0.14408 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The exploit has been disclosed to the public and...

Tenda AC15 操作系统命令注入漏洞

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol with a theoretical transmission rate of 1900Mbps 600Mbps in 2.4GHz band and 1300Mbps in 5GHz band. Tenda AC15 suffers from a command injection vulnerabilit...

PT-2024-2496 · Tenda · Tenda Ac7

Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44 Description: A critical issue is present in the Tenda AC7 router's software, related to the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the mac argument leads to os command...

SUSE CVE-2011-1493

Array index error in the roseparsenational function in net/rose/rosesubr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact by composing FACNATIONALDIGIS data that specifies a large number of...

fac (>=0.5.2 <=0.5.3) potentially affected by CVE-2021-28037 via internment (=0.3.13)

internment CARGO version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on internment and may be impacted: - fac =0.5.2, =0.5.3 Source cves: CVE-2021-28037 Source advisory: OSV:GHSA-GPPW-3H6H-V6Q2...