11 matches found
CVE-2026-15543 Tenda CH22 CertListInfo formCertListInfo buffer overflow
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
Tenda AX3 get_parentControl_list_Info function stack buffer overflow vulnerability
Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the urls parameter in th...
PT-2025-44668
Name of the Vulnerable Software and Affected Versions Tenda AX-3 version 16.03.12.10 CN Description A stack overflow exists in the Tenda AX-3 router. This issue is triggered via the deviceId parameter within the get parentControl list Info function. A crafted request can lead to a Denial of Servi...
Tenda AC8 get_parentControl_list_Info function buffer overflow vulnerability
Tenda AC8 is a wireless router from Tenda, a Chinese company. The Tenda AC8 suffers from a buffer overflow vulnerability that originates from a boundary error in the getparentControllistInfo function when handling untrusted input. No detailed vulnerability details are provided at this time...
PT-2025-7558 · Tenda · Tenda Ac8
Name of the Vulnerable Software and Affected Versions: Tenda AC8 version 16.03.34.06 Description: The issue is related to a Buffer Overflow in the get parentControl list Info function. Recommendations: For Tenda AC8 version 16.03.34.06, consider disabling the get parentControl list Info function...
Tenda AC8 get_parentControl_list_Info function buffer overflow vulnerability
Tenda AC8 is a dual-band Gigabit wireless router from Tenda, designed for fiber optic homes up to 1,000 megabytes, supporting dual-band concurrent transmission rates up to 1,167 Mbps, and equipped with full Gigabit ports 1 WAN port + 3 LAN ports to meet the needs of 100-1,000 megabit broadband...
PT-2023-20896 · Tenda · Tenda Ac10
Name of the Vulnerable Software and Affected Versions: Tenda AC10 US AC10V4.0si V16.03.10.13 cn Description: The issue is related to a stack overflow via the get parentControl list Info function, allowing attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
PT-2022-27567 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the downaction parameter at the "/goform/CertListInfo" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, as a temporary workaround, conside...
PT-2022-26066 · Delta Electronics · Infrasuite Device Master
Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue allows unauthenticated users to trigger the WriteConfiguration method. This could enable an attacker to modify user configuration files, such as...
Scientific Linux Security Update : mailman on SL6.x i386/x86_64
Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they could perform a cross-site scripting XSS attack against the...
mailman -- script insertion vulnerability
Secunia reports: A vulnerability has been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input when editing the list templates and the list info attribute is not properly sanitised before being stored. This can be exploited to insert...