598 matches found
CVE-2022-27076
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/delAd...
Tenda M3 /goform/exeCommand File Stack Buffer Overflow Vulnerability
Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the wrong operation of the parameter cmdinput in the file...
Tenda M3 /goform/setVlanInfo File Stack Buffer Overflow Vulnerability
Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameters ID, vlan and port in...
Tenda M3 /goform/setAdInfoDetail File Heap Buffer Overflow Vulnerability
Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 heap buffer overflow vulnerability exists, the vulnerability stems from the parameter...
Tenda M3 /goform/setAdPushInfo File Stack Buffer Overflow Vulnerability
Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameter mac/terminal in the...
PT-2026-1029
Name of the Vulnerable Software and Affected Versions wasm3 versions up to 0.5.0 Description A flaw exists in wasm3 that could lead to memory corruption. The issue is related to the op SetSlot i32/op CallIndirect function within the m3 exec.h file. Manipulation of this function can trigger the...
CVE-2025-15252
A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2025-15253
A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...
CVE-2025-15234
A weakness has been identified in Tenda M3 1.0.0.134903. Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the...
CVE-2025-15233
A security flaw has been discovered in Tenda M3 1.0.0.134903. This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemU...
CVE-2025-15232
A vulnerability was identified in Tenda M3 1.0.0.134903. This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit ...
CVE-2025-15230
A vulnerability was found in Tenda M3 1.0.0.134903. Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlantruckport results in heap-based buffer overflow. Remote exploitation of the attack is possible. The...
CVE-2025-15231
A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...
EUVD-2025-205777
A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2025-15253
A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...
CVE-2025-15253
A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...
CVE-2025-15252
A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2025-15252
A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2025-15253 Tenda M3 exeCommand stack-based overflow
A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...
CVE-2025-15253
The CVE-2025-15253 issue affects Tenda M3 (version 1.0.0.13(4903)) via an unknown function in /goform/exeCommand where improper handling of the cmdinput parameter causes a stack-based overflow. Multiple connected sources (CNVD-2026-06098, RH:CVE-2025-15253, CNNVD-202512-5119, CVELIST/CVE-2025-152...