CVE-2026-11556

A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. Remote exploitation of the attack i...

CVE-2026-11556

Affected product: Tenda F451 routers (firmware 1.0.0.7/1.0.0.9). Vulnerable component: Web Management Interface, function formWriteFacMac in /goform/WriteFacMac. Root cause: parameter manipulation of mac leads to OS command injection. Impact: remote code execution with high severity (network vect...

Tenda F451 命令注入漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the parameter “mac” in the formWriteFacMac function within the Web Management...

CVE-2026-7102 Tenda F456 httpd WriteFacMac FromWriteFacMac command injection

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

CVE-2026-7102 Tenda F456 httpd WriteFacMac FromWriteFacMac command injection

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

CVE-2026-5153

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-4554

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

Mercury D196G 安全漏洞

The Mercury D196G is a wireless router from Mercury China. A security vulnerability exists in the Mercury D196G d196gv1-cn-up2020-01-0911.21.44 version, which stems from improper handling of the facpassword parameter, which could lead to a buffer overflow...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

PT-2025-51752

Name of the Vulnerable Software and Affected Versions Mercury D196G version d196gv1-cn-up 2020-01-09 11.21.44 Description The software is susceptible to a buffer overflow issue. This occurs in the sub 404CAEDC function through the fac password parameter. Recommendations At the moment, there is no...

CVE-2025-50402

FAST FAC1200R F400FAC1200RQ is vulnerable to Buffer Overflow in the function sub80435780 via the parameter string facpassword...

CVE-2025-50402

FAST FAC1200R F400_FAC1200R_Q is reported vulnerable to a buffer overflow in function sub_80435780 triggered through the fac_password parameter. CVSS 3.1 base score 9.8 (Network, Very Low complexity, No privileges required, User interaction none; impacts Confidentiality, Integrity, Availability) ...

FAST FAC1200R 安全漏洞

The FAST FAC1200R is a wireless router from China-based FAST FAST. A security vulnerability exists in the FAST FAC1200R that originates from a buffer overflow due to the parameter facpassword in the sub80435780 function...

EUVD-2007-2096

Malware in sbrugna...

CVE-2024-3908

A vulnerability classified as critical has been found in Tenda AC500 2.0.1.91307. Affected is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...

The vulnerability of the formWriteFacMac function (/goform/WriteFacMac) in the Tenda AC7 router software allows a attacker to execute arbitrary commands.

The vulnerability of the fromSetRouteStatic /goform/SetStaticRouteCfg function in the Tenda AC7 router software relates to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

PT-2024-2459 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda F1202 version 1.2.0.20408 Description: The issue is related to the formWriteFacMac function, specifically the /goform/WriteFacMac API endpoint, where a command injection vulnerability exists due to inadequate data cleaning at the...

CVE-2024-2982

A vulnerability has been found in Tenda FH1202 1.2.0.14408 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The exploit has been disclosed to the public and...