CVE-2025-10443 Tenda AC9/AC15 exeCommand formexeCommand buffer overflow

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly...

CVE-2025-43984

An issue was discovered on KuWFi GC111 devices Hardware Version: CPE-LM321V3.2, Software Version: GC111-GL-LM321V3.020191211. They are vulnerable to unauthenticated /goform/goformsetcmdprocess requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary...

CVE-2025-43984

An issue was discovered on KuWFi GC111 devices Hardware Version: CPE-LM321V3.2, Software Version: GC111-GL-LM321V3.020191211. They are vulnerable to unauthenticated /goform/goformsetcmdprocess requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary...

PT-2025-33281 · Undefined · Undefined

KuWFi CPF908-CP5 WEB5.0 LCD 20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform set cmd process and goform/goform get cmd process. These allow an unauthenticated attacker to retrieve sensitive information including the device admin username and...

PT-2024-26261 · Tenda · Tenda Fh1206

Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version 1.2.0.88155 EN Description: A stack-based buffer overflow issue was found via the funcpara1 parameter at the "ip/goform/exeCommand" endpoint. Recommendations: For Tenda FH1206 version 1.2.0.88155 EN, avoid using the...

Tenda FH1205 formexeCommand method stack buffer overflow vulnerability

The Tenda FH1205 is a home wireless router from China's Tenda, geared toward the average home network environment, providing wireless connectivity. The Tenda FH1205 suffers from a stack buffer overflow vulnerability that originates from the cmdinput parameter of the formexeCommand method of the...