93 matches found
PT-2025-43870
Name of the Vulnerable Software and Affected Versions Tenda O3 version 1.0.0.102478 Description A stack-based buffer overflow exists in the SetValue/GetValue function of the /goform/AdvSetLanip file. Manipulation of the lanIp argument can trigger this issue, allowing for remote exploitation. The...
Tenda AC7 Command Injection Vulnerability
Tenda AC7 is a wireless router from Tenda, a Chinese company. A command injection vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the failure to properly filter the parameter lanIp in the file /goform/AdvSetLanip to construct command special characters, commands, etc...
CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11523 Tenda AC7 AdvSetLanip command injection
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
EUVD-2025-33259
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-11523
The CVE-2025-11523 entry concerns Tenda AC7 15.03.06.44. The affected component is the AdvSetLanip handler, with the vulnerability arising from improper filtering/handling of the lanIp parameter in /goform/AdvSetLanip, enabling remote command injection. Public exploits exist and can be used to ac...
PT-2025-41325
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A command injection issue exists in Tenda AC7 version 15.03.06.44. The issue is located in the file /goform/AdvSetLanip. Manipulation of the lanIp argument can lead to command injection. This can be...
EUVD-2022-33663
Malicious code in bioql PyPI...
EUVD-2023-31018
Malicious code in bioql PyPI...
EUVD-2025-25878
Malicious code in bioql PyPI...
EUVD-2022-33352
Malicious code in bioql PyPI...
CVE-2025-11121
A security vulnerability has been detected in Tenda AC18 15.03.05.19. The impacted element is an unknown function of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and m...
Tenda AC18 Command Injection Vulnerability
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that originates from the mishandling of the lanIp parameter by an unknown function in the...
CVE-2025-11121
A security vulnerability has been detected in Tenda AC18 15.03.05.19. The impacted element is an unknown function of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and m...
Tenda AC18 命令注入漏洞
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that originates from the mishandling of the lanIp parameter by an unknown function in the...
CVE-2025-9525
A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may...
CVE-2025-9525 Linksys E1700 setWan stack-based overflow
A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may...
CVE-2025-9525
The CVE-2025-9525 entry concerns Linksys E1700 firmware 1.0.0.4.003. A stack-based overflow arises in the setWan function of /goform/setWan when the DeviceName/lanIp arguments are manipulated. This vulnerability can be triggered remotely and, according to the sources, an exploit has been publishe...
Linksys E1700 安全漏洞
The Linksys E1700 is a wireless router from Linksys, USA. A security vulnerability exists in Linksys E1700 version 1.0.0.4.003, which originates from a stack buffer overflow due to incorrect manipulation of the parameter DeviceName/lanIp in the file /goform/setWan...