MAL-2026-5474 Malicious code in getui-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf281a31a53827497d9a24ff0602f277b568f495a00c14603c3e9bf11a30327a On npm install, postinstall.js issues an HTTPS GET to https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5 with query parameters containing the...

Tenda AC10 Buffer Overflow Vulnerability

Tenda AC10 is a wireless router product from Tenda. A buffer overflow vulnerability exists in Tenda AC10 version 16.03.10.13, which originates from the mishandling of the getui parameter in the formSysRunCmd function in the /goform/SysRunCmd file. The vulnerability can be exploited to trigger a...

CVE-2025-12622

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2025-12622

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2025-12622

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

EUVD-2025-37475

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2025-12622 Tenda AC10 SysRunCmd formSysRunCmd buffer overflow

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2025-12622 Tenda AC10 SysRunCmd formSysRunCmd buffer overflow

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2025-12622

CVE-2025-12622 affects Tenda AC10 firmware 16.03.10.13. The issue is in the function formSysRunCmd in the file /goform/SysRunCmd , where manipulation of the getui parameter triggers a buffer overflow . Exploitation can be performed remotely, and multiple sources confirm a publicly disclosed explo...

PT-2025-44754

Name of the Vulnerable Software and Affected Versions Tenda AC10 version 16.03.10.13 Description A flaw exists in the formSysRunCmd function within the /goform/SysRunCmd file. Manipulation of the getui argument can lead to a buffer overflow. This issue can be exploited remotely. The exploit for...