90 matches found
Tenda AC15 goform/formSetIptv File Command Injection Vulnerability
The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...
CVE-2026-24101
An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...
CVE-2026-24101
An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...
EUVD-2026-9196
An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...
CVE-2026-24101
Summary: CVE-2026-24101 affects Tenda AC15 router goform/formSetIptv. The vulnerability arises when processing the s1_1 parameter, which is passed into sub_B0488 and concatenated into doSystemCmd without validation, enabling potential command injection. Affected device: Tenda AC15V1.0 V15.03.05.1...
Tenda AC15 安全漏洞
The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...
CVE-2026-24101
An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...
PT-2026-22609
Name of the Vulnerable Software and Affected Versions Tenda AC15 versions prior to V15.03.05.18 multi Description A flaw exists in the goform/formSetIptv function of Tenda AC15 routers due to improper handling of code generation in memory when processing the s1 1 parameter. Exploitation of this...
CVE-2026-24101
An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...
CVE-2025-69762
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69763
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69762
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69763
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69762
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69763
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69762
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...
EUVD-2026-3607
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...
Tenda Ax3 security vulnerabilities
The Tenda Ax3 is a Wi-Fi 6 dual-band router with a gigabit port from the Chinese company Tenda. The Tenda Ax3 version 16.03.12.11 contains a security vulnerability. This vulnerability stems from a stack overflow in the vlanId parameter within the formSetIptv function, which may lead to memory...
CVE-2025-69762
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...
CVE-2025-69763
CVE-2025-69763 affects Tenda AX3 firmware v16.03.12.11, with a stack overflow in formSetIptv exploitable via the vlanId parameter. The vulnerability can cause memory corruption and enable remote code execution. The issue is widely reported across multiple feeds (NVD, Red Hat CVE page, CIRCL sight...