Lucene search
+L

93 matches found

ptsecurity
ptsecurity
added 2025/10/27 12:0 a.m.8 views

PT-2025-43870

Name of the Vulnerable Software and Affected Versions Tenda O3 version 1.0.0.102478 Description A stack-based buffer overflow exists in the SetValue/GetValue function of the /goform/AdvSetLanip file. Manipulation of the lanIp argument can trigger this issue, allowing for remote exploitation. The...

9.8CVSS7.3AI score0.00978EPSS
Exploits1References9
cnvd
cnvd
added 2025/10/15 12:0 a.m.3 views

Tenda AC7 Command Injection Vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. A command injection vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the failure to properly filter the parameter lanIp in the file /goform/AdvSetLanip to construct command special characters, commands, etc...

8.8CVSS8.1AI score0.03741EPSS
Exploits1References1
nvd
nvd
added 2025/10/09 2:15 a.m.5 views

CVE-2025-11523

A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

8.8CVSS0.03741EPSS
Exploits1References5
osv
osv
added 2025/10/09 2:15 a.m.5 views

CVE-2025-11523

A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

8.8CVSS5.8AI score0.03741EPSS
Exploits1References5
cvelist
cvelist
added 2025/10/09 1:2 a.m.12 views

CVE-2025-11523 Tenda AC7 AdvSetLanip command injection

A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

6.5CVSS0.03741EPSS
Exploits1References5
euvd
euvd
added 2025/10/09 1:2 a.m.6 views

EUVD-2025-33259

A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

8.8CVSS6.9AI score0.03741EPSS
Exploits1References7
cve
cve
added 2025/10/09 1:2 a.m.20 views

CVE-2025-11523

The CVE-2025-11523 entry concerns Tenda AC7 15.03.06.44. The affected component is the AdvSetLanip handler, with the vulnerability arising from improper filtering/handling of the lanIp parameter in /goform/AdvSetLanip, enabling remote command injection. Public exploits exist and can be used to ac...

8.8CVSS7.1AI score0.03741EPSS
Exploits1References5Affected Software1
ptsecurity
ptsecurity
added 2025/10/09 12:0 a.m.7 views

PT-2025-41325

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A command injection issue exists in Tenda AC7 version 15.03.06.44. The issue is located in the file /goform/AdvSetLanip. Manipulation of the lanIp argument can lead to command injection. This can be...

8.8CVSS6.7AI score0.03741EPSS
Exploits1References10
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-33663

Malicious code in bioql PyPI...

10CVSS9.4AI score0.03802EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31018

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.02773EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25878

Malicious code in bioql PyPI...

9CVSS8.8AI score0.01277EPSS
Exploits1References6
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-33352

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.09285EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/09/29 9:47 p.m.19 views

CVE-2025-11121

A security vulnerability has been detected in Tenda AC18 15.03.05.19. The impacted element is an unknown function of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and m...

6.5CVSS7AI score0.03741EPSS
Exploits1References1
cnvd
cnvd
added 2025/09/29 12:0 a.m.4 views

Tenda AC18 Command Injection Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that originates from the mishandling of the lanIp parameter by an unknown function in the...

8.8CVSS6.9AI score0.03741EPSS
Exploits1References1
nvd
nvd
added 2025/09/28 10:15 p.m.8 views

CVE-2025-11121

A security vulnerability has been detected in Tenda AC18 15.03.05.19. The impacted element is an unknown function of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and m...

8.8CVSS0.03741EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/09/28 12:0 a.m.9 views

Tenda AC18 命令注入漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that originates from the mishandling of the lanIp parameter by an unknown function in the...

8.8CVSS7.7AI score0.03741EPSS
Exploits1References6
osv
osv
added 2025/08/27 1:15 p.m.3 views

CVE-2025-9525

A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may...

8.7CVSS6.4AI score0.01277EPSS
Exploits1References6
cvelist
cvelist
added 2025/08/27 12:32 p.m.14 views

CVE-2025-9525 Linksys E1700 setWan stack-based overflow

A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may...

9CVSS0.01277EPSS
Exploits1References6
cve
cve
added 2025/08/27 12:32 p.m.25 views

CVE-2025-9525

The CVE-2025-9525 entry concerns Linksys E1700 firmware 1.0.0.4.003. A stack-based overflow arises in the setWan function of /goform/setWan when the DeviceName/lanIp arguments are manipulated. This vulnerability can be triggered remotely and, according to the sources, an exploit has been publishe...

9CVSS7.2AI score0.01277EPSS
Exploits1References6Affected Software1
cnnvd
cnnvd
added 2025/08/27 12:0 a.m.7 views

Linksys E1700 安全漏洞

The Linksys E1700 is a wireless router from Linksys, USA. A security vulnerability exists in Linksys E1700 version 1.0.0.4.003, which originates from a stack buffer overflow due to incorrect manipulation of the parameter DeviceName/lanIp in the file /goform/setWan...

9CVSS8.9AI score0.01277EPSS
Exploits1References6
Rows per page
Query Builder