CVE-2025-45343

An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module in the goform/setmodules route...

CVE-2025-45343

An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module in the goform/setmodules route...

The vulnerability of the wifiSSID parameter in the /goform/setModules function of the Tenda W18E v2.0 router’s microprogramming software, which allows a hacker to trigger a service failure.

The vulnerability of the wifiSSID parameter in the /goform/setModules function of the Tenda W18E v2.0 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVE-2023-49429

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules...

PT-2023-7507 · Tenda · Tenda Ax9

Name of the Vulnerable Software and Affected Versions: Tenda AX9 version V22.03.01.46 Description: The issue is related to a SQL command injection vulnerability in the setDeviceInfo feature. This vulnerability can be exploited through the mac parameter at the "/goform/setModules" API endpoint. Th...