Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

366 matches found

Nuclei
Nucleiadded 2026/05/28 5:39 a.m.61 views

Dasan GPON Devices - Remote Code Execution

Dasan GPON home routers are susceptible to command injection which can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...

9.8CVSS7.6AI score0.94028EPSS
Exploits7References5
RedhatCVE
RedhatCVEadded 2026/04/03 5:0 p.m.4 views

CVE-2026-5339

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

8.8CVSS5.7AI score0.0009EPSS
Exploits1References1
EUVD
EUVDadded 2026/04/02 3:31 p.m.1 views

EUVD-2026-18342

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS5.8AI score0.0009EPSS
Exploits1References13
ATTACKERKB
ATTACKERKBadded 2026/04/02 2:15 p.m.1 views

CVE-2026-5339

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS5.8AI score0.0009EPSS
Exploits1References12Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/02 2:15 p.m.0 views

CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS5.8AI score0.0009EPSS
Exploits1References12
CVE
CVEadded 2026/04/02 2:15 p.m.3 views

CVE-2026-5339

CVE-2026-5339 affects Tenda G103 1.0.0.5. The vulnerability is in the Setting Handler’s gpon.lua, function action_set_net_settings, where manipulating authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority enables command injection remotely. Public exploit av...

8.8CVSS5.8AI score0.0009EPSS
Exploits1References12Affected Software1
Cvelist
Cvelistadded 2026/04/02 2:15 p.m.19 views

CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS0.0009EPSS
Exploits1References12
CNNVD
CNNVDadded 2026/04/02 12:0 a.m.2 views

Tenda G103 命令注入漏洞

The Tenda G103 is a GPON fiber access device designed specifically for home and SOHO users by the Chinese company Tenda. Version 1.0.0.5 of the Tenda G103 contains a command injection vulnerability. This vulnerability stems from improper handling of parameters such as...

8.8CVSS5.8AI score0.0009EPSS
Exploits1References12
Positive Technologies
Positive Technologiesadded 2026/04/02 12:0 a.m.1 views

PT-2026-29748

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action set net settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument...

5.8CVSS5.8AI score0.0009EPSS
Exploits1References13
RedhatCVE
RedhatCVEadded 2026/02/23 7:26 a.m.2 views

CVE-2026-2907

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgponloid/fmgponloidpassword causes stack-based buffer overflow...

9CVSS5.9AI score0.00112EPSS
Exploits1References1
NVD
NVDadded 2026/02/22 2:16 a.m.4 views

CVE-2026-2907

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgponloid/fmgponloidpassword causes stack-based buffer overflow...

9CVSS0.00112EPSS
Exploits1References5
OSV
OSVadded 2026/02/22 2:16 a.m.1 views

CVE-2026-2907

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgponloid/fmgponloidpassword causes stack-based buffer overflow...

8.8CVSS6.2AI score
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/02/22 1:32 a.m.3 views

CVE-2026-2907 Tenda HG9 GPON Configuration Endpoint formgponConf stack-based overflow

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgponloid/fmgponloidpassword causes stack-based buffer overflow...

9CVSS8.5AI score0.00112EPSS
Exploits1References5
CVE
CVEadded 2026/02/22 1:32 a.m.7 views

CVE-2026-2907

The CVE targets Tenda HG9 (model 300001138) with a vulnerability in the GPON Configuration Endpoint. It exploits an issue in the /boaform/formgponConf handler where manipulating the arguments fmgpon_loid/fmgpon_loid_password triggers a stack-based buffer overflow. This allows remote, unauthentica...

9CVSS6.1AI score0.00112EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/22 1:32 a.m.3 views

CVE-2026-2907

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgponloid/fmgponloidpassword causes stack-based buffer overflow...

9CVSS6.1AI score0.00112EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/02/22 1:32 a.m.21 views

CVE-2026-2907 Tenda HG9 GPON Configuration Endpoint formgponConf stack-based overflow

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgponloid/fmgponloidpassword causes stack-based buffer overflow...

9CVSS0.00112EPSS
Exploits1References5
CNNVD
CNNVDadded 2026/02/22 12:0 a.m.3 views

Tenda HG9 安全漏洞

The Tenda HG9 is a WiFi router produced by the Chinese company Tenda. The Tenda HG9 300001138 version has a security vulnerability. This vulnerability stems from incorrect operations on the parameters fmgponloid/fmgponloidpassword in the file/boaform/formgponConf of the GPON Configuration Endpoin...

9CVSS7.7AI score0.00112EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/01/09 11:29 a.m.3 views

CVE-2021-27165

An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials...

9.8CVSS7.1AI score0.00567EPSS
Exploits1References1
NVD
NVDadded 2026/01/08 12:15 a.m.2 views

CVE-2019-25284

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

6.1CVSS0.00066EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/01/07 11:11 p.m.28 views

CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

6.1CVSS0.00066EPSS
Exploits1References5
Rows per page
Query Builder