CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/02/25 7:16 a.m.•5 views

CVE-2026-3166

A vulnerability was identified in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly availabl...

9CVSS0.00106EPSS

Exploits2References5

Vulnrichment•added 2026/02/25 7:2 a.m.•2 views

CVE-2026-3168 Tenda F453 httpd NatStaticSetting fromNatStaticSetting buffer overflow

ATTACKERKB•added 2026/02/25 7:2 a.m.•4 views

Exploits2References5

CVE-2026-3168

Vulnrichment•added 2026/02/25 7:2 a.m.•1 views

CVE-2026-3167 Tenda F453 httpd webtypelibrary formWebTypeLibrary buffer overflow

A security flaw has been discovered in Tenda F453 1.0.0.3. The impacted element is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component httpd. Performing a manipulation of the argument webSiteId results in buffer overflow. The attack may be initiated remotely. The...

9CVSS6.1AI score0.00125EPSS

Exploits2References5

ATTACKERKB•added 2026/02/25 7:2 a.m.•4 views

CVE-2026-3167

9CVSS6.1AI score0.00125EPSS

ATTACKERKB•added 2026/02/25 6:32 a.m.•6 views

CVE-2026-3166

CVE•added 2026/02/25 6:32 a.m.•9 views

CVE-2026-3166

CVE-2026-3166 affects Tenda F453 firmware 1.0.0.3. The vulnerability lies in the httpd component’s fromRouteStatic function in the /goform/RouteStatic file, where manipulation of the page argument leads to a buffer overflow . It is described as sacrificable for remote execution, with a public exp...

ATTACKERKB•added 2026/02/25 6:2 a.m.•6 views

CVE-2026-3165

A vulnerability was determined in Tenda F453 1.0.0.3. Impacted is the function fromSetWifiGusetBasic of the file /goform/AdvSetWrlsafeset of the component httpd. This manipulation of the argument mitssid causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly...

9CVSS6AI score0.00106EPSS

Positive Technologies•added 2026/02/25 12:0 a.m.•3 views

PT-2026-21883

Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A flaw exists in the Tenda F453 router’s httpd component. Specifically, the fromNatStaticSetting function, accessible via the /goform/NatStaticSetting API endpoint, is susceptible to a buffer overflow. Th...

9CVSS7.5AI score0.00106EPSS

Exploits2References14

Positive Technologies•added 2026/02/25 12:0 a.m.•6 views

PT-2026-21880

Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A buffer overflow issue exists in the fromRouteStatic function of the httpd component, specifically within the /goform/RouteStatic endpoint. Manipulation of the page argument in an HTTP request can trigge...

9CVSS7.3AI score0.00106EPSS

Exploits2References14

ATTACKERKB•added 2026/02/23 11:32 p.m.•3 views

CVE-2026-3044

A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

9CVSS6.1AI score0.00101EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/02/23 11:32 p.m.•3 views

CVE-2026-3044 Tenda AC8 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow

9CVSS6.1AI score0.00101EPSS

CVE•added 2026/02/23 11:32 p.m.•7 views

CVE-2026-3044

CVE-2026-3044 affects Tenda AC8 16.03.34.06; the stack-based overflow occurs in the webCgiGetUploadFile function under /cgi-bin/UploadCfg in the Httpd service due to improper handling of the boundary argument. It is exploitable remotely and the exploit has been publicly disclosed. Affected produc...

9CVSS8.6AI score0.00101EPSS

Exploits0References5Affected Software1

RedHat Linux•added 2026/02/23 7:20 p.m.•2 views

httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

A permissions bypass flaw has been discovered in the apache HTTP server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid...

5.4CVSS5.7AI score0.00041EPSS

Exploits0References6

RedhatCVE•added 2026/02/23 7:26 a.m.•4 views

CVE-2026-2930

A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be executed remotely. Th...

8.8CVSS6.2AI score0.00068EPSS

Exploits0References1

ATTACKERKB•added 2026/02/22 6:2 a.m.•3 views

CVE-2026-2930

6.5CVSS6.3AI score0.00068EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/02/22 6:2 a.m.•20 views

CVE-2026-2930 Tenda A18 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow

6.5CVSS0.00068EPSS

Positive Technologies•added 2026/02/22 12:0 a.m.•4 views

PT-2026-21419

6.5CVSS6.3AI score0.00068EPSS

Exploits0References6

OSV•added 2026/02/21 7:15 p.m.•4 views

CVE-2026-2877

A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapskcrypto5g leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

8.8CVSS6.3AI score0.00101EPSS