59 matches found
CVE-2025-44865
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44866
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44866
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44864
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
Tenda W20E 安全漏洞
The Tenda W20E is a router from the Chinese company Tenda. The Tenda W20E suffers from a command injection vulnerability that stems from the failure of the formSetDebugCfg function module parameter to properly filter constructor command special characters, commands, etc. The vulnerability is caus...
CVE-2025-44864
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
Tenda W20E 安全漏洞
The Tenda W20E is a router from the Chinese company Tenda. The Tenda W20 suffers from a command injection vulnerability that stems from the formSetDebugCfg function level parameter failing to properly filter construct command special characters, commands, and so on. No details of the vulnerabilit...
Tenda W20E 安全漏洞
The Tenda W20E is a router from the Chinese company Tenda. The Tenda W20E suffers from a command injection vulnerability that stems from the formSetDebugCfg function enable parameter failing to properly filter construct command special characters, commands, and so on. No detailed vulnerability...
CVE-2024-50853
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function...
CVE-2024-50853
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function...
CVE-2024-50853
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function...
Tenda G3 命令注入漏洞
Tenda G3 is a Qos Vpn router from Tenda China. Tenda G3 suffers from a command injection vulnerability, which stems from the formSetDebugCfg function failing to properly filter constructor command special characters, commands, etc. The vulnerability can be exploited to execute arbitrary commands...
PT-2024-9599 · Tenda · Tenda G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0 v15.11.0.20 Description: The issue is related to the formSetDebugCfg function in the Tenda G3 wireless access point firmware, which is associated with incorrect filtering of the enable, level, and module parameter values...
PT-2024-8672 · Tenda · Tenda G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 version 15.11.0.20 Description: A critical issue has been found in the Tenda G3, affecting the formSetDebugCfg function of the file /goform/setDebugCfg. The manipulation of the enable/level/module argument leads to a stack-based buff...
CVE-2022-45709
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
CVE-2022-45709
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
CVE-2022-45710
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
CVE-2022-45710
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
Command injection
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
Buffer overflow
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...