18 matches found
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909
CVE-2026-2909 affects Tenda HG9 300001138. The vulnerability exists in the Diagnostic Ping Endpoint at /boaform/formPing, where manipulating the pingAddr argument triggers a stack-based buffer overflow. It is exploitable remotely, and public exploits exist. CVSS metrics indicate high impact acros...
CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2023-33617
An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14X000 was found via the /boaform/admin/formPing targetaddr parameter...
Command injection
An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14X000 was found via the /boaform/admin/formPing targetaddr parameter...
Parks Fiberlink 操作系统命令注入漏洞
Parks Fiberlink is a high-performance OLT from Parks designed to deliver ultra-broadband services to large numbers of subscribers in a fast and cost-effective manner. A security vulnerability exists in Parks Fiberlink version 210 2.1.14X000, which stems from a problem with the...
Tenda HG6 3.3.0 Remote Command Injection
Tenda HG6 v3.3.0 Remote Command Injection Vulnerability Vendor: Tenda Technology Co.,Ltd. Product web page: https://www.tendacn.com https://www.tendacn.com/product/HG6.html Affected version: Firmware version: 3.3.0-210926 Software version: v1.1.0 Hardware Version: v1.0 Check Version:...
VulnCheck KEV: CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
Exploit for OS Command Injection in Gpononu 1Ge_Router_Wifi_Onu_V2801Rw_Firmware
A proof of concept for CVE-2020-8958 written in Python. The scri...
PT-2020-20395 · V Sol +1 · V-Sol Home Routers +2
Name of the Vulnerable Software and Affected Versions: Guangzhou 1GE ONU V2801RW versions 1.9.1-181203 through 2.9.0-181024 Guangzhou 1GE ONU V2804RGW versions 1.9.1-181203 through 2.9.0-181024 V-SOL Home Routers affected versions not specified Description: The issue allows remote attackers to...
CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field. Recent assessments: Assessed Attacker Value: 0...
Netlink GPON Router 1.0.11 - Remote Code Execution
Netlink GPON Router 1.0.11 - Remote Code Execution Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls...
Netlink GPON Router 1.0.11 - Remote Code Execution
Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...