Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

90 matches found

CNVD
CNVDadded 2026/03/11 12:0 a.m.2 views

Tenda AC15 goform/formSetIptv File Command Injection Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References1
OSV
OSVadded 2026/03/02 4:16 p.m.6 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References2
NVD
NVDadded 2026/03/02 4:16 p.m.10 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS0.01671EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/02 12:0 a.m.25 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

0.01671EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/03/02 12:0 a.m.3 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS5.9AI score0.01671EPSS
Exploits1References3
CVE
CVEadded 2026/03/02 12:0 a.m.8 views

CVE-2026-24101

Summary: CVE-2026-24101 affects Tenda AC15 router goform/formSetIptv. The vulnerability arises when processing the s1_1 parameter, which is passed into sub_B0488 and concatenated into doSystemCmd without validation, enabling potential command injection. Affected device: Tenda AC15V1.0 V15.03.05.1...

9.8CVSS5.9AI score0.01671EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/02 12:0 a.m.5 views

PT-2026-22609

Name of the Vulnerable Software and Affected Versions Tenda AC15 versions prior to V15.03.05.18 multi Description A flaw exists in the goform/formSetIptv function of Tenda AC15 routers due to improper handling of code generation in memory when processing the s1 1 parameter. Exploitation of this...

10CVSS6.2AI score0.01671EPSS
Exploits1References7
EUVD
EUVDadded 2026/03/02 12:0 a.m.7 views

EUVD-2026-9196

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

9.8CVSS5.9AI score0.01671EPSS
Exploits1References2
CNNVD
CNNVDadded 2026/03/02 12:0 a.m.3 views

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in the Tenda AC15V1.0 V15.03.05.18multi version. The vulnerability stems from the unvalidated s11 parameter in goform/formSetIptv, which can be exploited by an attacker to cause a command...

9.8CVSS5.8AI score0.01671EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/01/22 12:20 a.m.9 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/22 12:20 a.m.6 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References1
OSV
OSVadded 2026/01/21 6:16 p.m.3 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.3AI score
Exploits0References2
NVD
NVDadded 2026/01/21 6:16 p.m.5 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS0.00822EPSS
Exploits1References2
NVD
NVDadded 2026/01/21 6:16 p.m.5 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS0.00822EPSS
Exploits1References2
OSV
OSVadded 2026/01/21 6:16 p.m.3 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.3AI score0.00822EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/01/21 12:0 a.m.2 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/01/21 12:0 a.m.15 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

0.00822EPSS
Exploits1References2
EUVD
EUVDadded 2026/01/21 12:0 a.m.4 views

EUVD-2026-3607

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.2AI score0.00822EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/01/21 12:0 a.m.3 views

CVE-2025-69763

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution...

6.2AI score0.00822EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/01/21 12:0 a.m.3 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

6.2AI score0.00822EPSS
Exploits1References2
Rows per page
Query Builder