Lucene search
+L

11 matches found

Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-15543 Tenda CH22 CertListInfo formCertListInfo buffer overflow

A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS0.00466EPSS
Exploits0References6
CNVD
CNVD
added 2025/11/14 12:0 a.m.4 views

Tenda AX3 get_parentControl_list_Info function stack buffer overflow vulnerability

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the urls parameter in th...

7.5CVSS7.4AI score0.00362EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.12 views

PT-2025-44668

Name of the Vulnerable Software and Affected Versions Tenda AX-3 version 16.03.12.10 CN Description A stack overflow exists in the Tenda AX-3 router. This issue is triggered via the deviceId parameter within the get parentControl list Info function. A crafted request can lead to a Denial of Servi...

9CVSS6.8AI score0.00362EPSS
Exploits1References6
CNVD
CNVD
added 2025/02/28 12:0 a.m.5 views

Tenda AC8 get_parentControl_list_Info function buffer overflow vulnerability

Tenda AC8 is a wireless router from Tenda, a Chinese company. The Tenda AC8 suffers from a buffer overflow vulnerability that originates from a boundary error in the getparentControllistInfo function when handling untrusted input. No detailed vulnerability details are provided at this time...

6.5CVSS7.2AI score0.0028EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/17 12:0 a.m.6 views

PT-2025-7558 · Tenda · Tenda Ac8

Name of the Vulnerable Software and Affected Versions: Tenda AC8 version 16.03.34.06 Description: The issue is related to a Buffer Overflow in the get parentControl list Info function. Recommendations: For Tenda AC8 version 16.03.34.06, consider disabling the get parentControl list Info function...

6.5CVSS7.2AI score0.0028EPSS
Exploits1References5
CNVD
CNVD
added 2023/06/07 12:0 a.m.5 views

Tenda AC8 get_parentControl_list_Info function buffer overflow vulnerability

Tenda AC8 is a dual-band Gigabit wireless router from Tenda, designed for fiber optic homes up to 1,000 megabytes, supporting dual-band concurrent transmission rates up to 1,167 Mbps, and equipped with full Gigabit ports 1 WAN port + 3 LAN ports to meet the needs of 100-1,000 megabit broadband...

9.8CVSS8.3AI score0.01211EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/04/06 12:0 a.m.12 views

PT-2023-20896 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 US AC10V4.0si V16.03.10.13 cn Description: The issue is related to a stack overflow via the get parentControl list Info function, allowing attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...

10CVSS8.2AI score0.01069EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.10 views

PT-2022-27567 · Tenda · Tenda W30E

Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the downaction parameter at the "/goform/CertListInfo" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, as a temporary workaround, conside...

7.5CVSS7.4AI score0.00859EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.6 views

PT-2022-26066 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue allows unauthenticated users to trigger the WriteConfiguration method. This could enable an attacker to modify user configuration files, such as...

7.5CVSS7.3AI score0.00511EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.27 views

Scientific Linux Security Update : mailman on SL6.x i386/x86_64

Multiple input sanitization flaws were found in the way Mailman displayed usernames of subscribed users on certain pages. If a user who is subscribed to a mailing list were able to trick a victim into visiting one of those pages, they could perform a cross-site scripting XSS attack against the...

4.3CVSS5.7AI score0.04248EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2008/02/05 12:0 a.m.25 views

mailman -- script insertion vulnerability

Secunia reports: A vulnerability has been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input when editing the list templates and the list info attribute is not properly sanitised before being stored. This can be exploited to insert...

4.3CVSS5.1AI score0.01919EPSS
Exploits0References3
Rows per page
Query Builder