CVE-2026-12809

Edimax BR-6478AC V2 firmware 1.23 is affected by a command injection in the POST Request Handler, specifically in wiz_5in1_redirect (/goform/wiz_5in1_redirect) where manipulation of the newpass argument enables remote code execution. Attack vector is network-based and requires no user interaction...

EUVD-2026-38194

A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicl...

EUVD-2026-38051

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter...

Tenda F451 命令注入漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the parameter “mac” in the formWriteFacMac function within the Web Management...

EUVD-2026-25898

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

CVE-2026-6199

A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-3728 Tenda F453 setcfm fromSetCfm stack-based overflow

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-70219

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot...

CVE-2025-24496

CVE-2025-24496 affects Tenda AC6 V5.0 V02.03.01.110. The information-disclosure flaw resides in /goform/getproductInfo; Talos notes an authentication bypass when requesting this URL, allowing a non-authenticated retrieval of module data via the generic getter, potentially exposing configuration d...

The vulnerability of the `fromSafeSetMacFilter` function in the `/goform/setMacFilterList` microprogramming system of the Tenda wireless access point allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the fromSafeSetMacFilter function in the /goform/setMacFilterList microprogramming system for the wireless access point Tenda is related to the operation of the function beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary co...

H3C Magic R200 缓冲区错误漏洞

The H3C Magic R200 is a router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic R200 R200V100R004 version, which stems from the discovery of a stack overflow vulnerability contained via the SetMobileAPInfoById interface of /goform/aspForm...

CVE-2022-34601

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm...