3 matches found
Tenda A15 缓冲区错误漏洞
Tenda A15 is a WiFi extender from Tenda China. A stack overflow vulnerability exists in the Tenda A15 SYSPS parameter, which originates from a lack of length checking of input data in the SYSPS parameter of /goform/SysToolChangePwd, which can be exploited by an attacker to cause a denial of servi...
Tenda W20E 缓冲区错误漏洞
The Tenda W20E is a router from the Chinese company Tenda. A stack overflow vulnerability exists in the Tenda W20E version V15.11.0.6, which originates from the formDelDhcpRule method not size-checking the input data with a request to /goform/delDhcpRules/, which can be exploited by an attacker t...
Remote command execution via KW Whois 1.0
Greetings, There is a vulnerability in Kootenay Web Inc's KW Whois v1.0 which allows malicious users to execute commands as the uid/gid of the webserver. The hole lies in unchecked user input via an input form box. The form element input type=text name="whois" is not checked by the script for...