Lucene search
K

90 matches found

CNVD
CNVD
added 2026/03/11 12:0 a.m.8 views

Tenda AC15 goform/formSetIptv File Command Injection Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References1
OSV
OSV
added 2026/03/02 4:16 p.m.8 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References2
NVD
NVD
added 2026/03/02 4:16 p.m.11 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS0.01671EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/02 12:0 a.m.10 views

EUVD-2026-9196

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS5.9AI score0.01671EPSS
Exploits1References2
CVE
CVE
added 2026/03/02 12:0 a.m.11 views

CVE-2026-24101

Summary: CVE-2026-24101 affects Tenda AC15 router goform/formSetIptv. The vulnerability arises when processing the s1_1 parameter, which is passed into sub_B0488 and concatenated into doSystemCmd without validation, enabling potential command injection. Affected device: Tenda AC15V1.0 V15.03.05.1...

9.8CVSS5.9AI score0.01671EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/02 12:0 a.m.32 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

0.01671EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.13 views

PT-2026-22609

Name of the Vulnerable Software and Affected Versions Tenda AC15 versions prior to V15.03.05.18 multi Description A flaw exists in the goform/formSetIptv function of Tenda AC15 routers due to improper handling of code generation in memory when processing the s1 1 parameter. Exploitation of this...

10CVSS6.2AI score0.01671EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/03/02 12:0 a.m.3 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS5.9AI score0.01671EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/22 12:20 a.m.10 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/22 12:20 a.m.12 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References1
OSV
OSV
added 2026/01/21 6:16 p.m.4 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.3AI score0.00822EPSS
Exploits1References2
NVD
NVD
added 2026/01/21 6:16 p.m.10 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS0.00822EPSS
Exploits1References2
NVD
NVD
added 2026/01/21 6:16 p.m.7 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS0.00822EPSS
Exploits1References2
OSV
OSV
added 2026/01/21 6:16 p.m.6 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.3AI score0.00822EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/21 12:0 a.m.14 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

0.00822EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/21 12:0 a.m.6 views

EUVD-2026-3607

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.2AI score0.00822EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.7 views

Tenda Ax3 security vulnerabilities

The Tenda Ax3 is a Wi-Fi 6 dual-band router with a gigabit port from the Chinese company Tenda. The Tenda Ax3 version 16.03.12.11 contains a security vulnerability. This vulnerability stems from a stack overflow in the vlanId parameter within the formSetIptv function, which may lead to memory...

9.8CVSS6.2AI score0.00822EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/21 12:0 a.m.4 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

6.2AI score0.00822EPSS
Exploits1References2
CVE
CVE
added 2026/01/21 12:0 a.m.14 views

CVE-2025-69763

CVE-2025-69763 affects Tenda AX3 firmware v16.03.12.11, with a stack overflow in formSetIptv exploitable via the vlanId parameter. The vulnerability can cause memory corruption and enable remote code execution. The issue is widely reported across multiple feeds (NVD, Red Hat CVE page, CIRCL sight...

9.8CVSS6.2AI score0.00822EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder