1840 matches found
CVE-2025-7463
A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mitssid leads to buffer overflow. The atta...
CVE-2025-7460
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...
CVE-2025-7525
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7525 TOTOLINK T6 HTTP POST Request cstecgi.cgi setTracerouteCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7525
CVE-2025-7525 affects TOTOLINK T6 (4.1.5cu.748_B20211015). The vulnerability lies in the HTTP POST Request Handler’s setTracerouteCfg function within /cgi-bin/cstecgi.cgi, where improper handling of the command parameter permits remote command injection. Multiple connected sources confirm the att...
CVE-2025-7525 TOTOLINK T6 HTTP POST Request cstecgi.cgi setTracerouteCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7524
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
CVE-2025-7524 TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
CVE-2025-7524 TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
PT-2025-29474 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical issue exists in the HTTP POST Request Handler component of the software. The delDevice function within the /cgi-bin/cstecgi.cgi file is susceptible to command injection through...
PT-2025-29473 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical issue exists in TOTOLINK T6 version 4.1.5cu.748. The vulnerability is located within the CloudSrvVersionCheck function of the /cgi-bin/cstecgi.cgi file, part of the HTTP POST Request...
PT-2025-29475 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical vulnerability exists in the HTTP POST Request Handler component of TOTOLINK T6. The vulnerability is due to command injection in the clearPairCfg function within the /cgi-bin/cstecgi.cgi...
CVE-2025-7505
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the atta...
CVE-2025-7506
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...
CVE-2025-7506
CVE-2025-7506 affects Tenda FH451 v1.0.0.9. The stack-based buffer overflow is triggered by manipulating the page argument in the fromNatlimit function of /goform/Natlimit in the HTTP POST Request Handler. The vulnerability permits remote exploitation, and public exploits are described across mul...
CVE-2025-7506 Tenda FH451 HTTP POST Request Natlimit fromNatlimit stack-based overflow
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...
CVE-2025-7506 Tenda FH451 HTTP POST Request Natlimit fromNatlimit stack-based overflow
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...
CVE-2025-7505 Tenda FH451 HTTP POST Request L7Prot frmL7ProtForm stack-based overflow
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the atta...
CVE-2025-7505
The CVE concerns Tenda FH451 (version 1.0.0.9). The flaw occurs in the HTTP POST Request Handler, specifically the function frmL7ProtForm in /goform/L7Prot, where the input argument page can cause a stack-based buffer overflow. This vulnerability is remotely exploitable and has public exploit ava...
CVE-2025-7505 Tenda FH451 HTTP POST Request L7Prot frmL7ProtForm stack-based overflow
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the atta...