CVE-2026-4489 Tenda A18 Pro fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow

A vulnerability was detected in Tenda A18 Pro 02.03.02.28. This vulnerability affects the function formfastsettingwifiset of the file /goform/fastsettingwifiset. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...

EUVD-2026-10232

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and...

PT-2026-23934

Name of the Vulnerable Software and Affected Versions Tenda F453 versions 1.0.0.3/3.As Description A stack-based buffer overflow exists in the fromPptpUserAdd function within the /goform/PPTPDClient file. Manipulation of the username/opttype argument can trigger the overflow. This issue can be...

CVE-2025-15046 Tenda WH450 HTTP Request PPTPClient stack-based overflow

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

EUVD-2025-201619

A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...

CVE-2025-12618

A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-11653 UTT HiPER 2620G fNTP strcpy buffer overflow

A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilize...

H3C Magic B3 安全漏洞

H3C Magic B3 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic B3 100R002 and prior versions, which stems from incorrect manipulation of parameter param of function AddMacList in file/goform/aspForm, which could result in a buffer overflow...

D-Link DIR-823X 命令注入漏洞

The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability due to a flaw in the sub415028 function in the goform/setsticleases file. An attacker can exploit the vulnerability to execute arbitrary commands on the system...

PT-2025-34158 · Linksys · Linksys Re9000 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250 versions 1.0.013.001 through 1.2.07.001 Linksys RE6300 versions 1.0.013.001 through 1.2.07.001 Linksys RE6350 versions 1.0.013.001 through 1.2.07.001 Linksys RE6500 versions 1.0.013.001 through 1.2.07.001 Linksys RE7000 version...

PT-2025-7562 · Tenda · Tenda Ac8V4

Name of the Vulnerable Software and Affected Versions: Tenda AC8V4 version V16.03.34.06 Description: A vulnerability was found in the function SUB 0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk crypto leads to a stack-based buffer overflow. Recommendations: For...