Lucene search
+L

598 matches found

redhatcve
redhatcve
added 2026/01/07 9:48 a.m.8 views

CVE-2022-27076

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/delAd...

10CVSS8AI score0.02654EPSS
Exploits1References1
cnvd
cnvd
added 2026/01/06 12:0 a.m.4 views

Tenda M3 /goform/exeCommand File Stack Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the wrong operation of the parameter cmdinput in the file...

9CVSS6.4AI score0.00632EPSS
Exploits1References1
cnvd
cnvd
added 2026/01/06 12:0 a.m.3 views

Tenda M3 /goform/setVlanInfo File Stack Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameters ID, vlan and port in...

9CVSS6.3AI score0.00632EPSS
Exploits1References1
cnvd
cnvd
added 2026/01/06 12:0 a.m.3 views

Tenda M3 /goform/setAdInfoDetail File Heap Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 heap buffer overflow vulnerability exists, the vulnerability stems from the parameter...

9CVSS6.3AI score0.00632EPSS
Exploits1References1
cnvd
cnvd
added 2026/01/06 12:0 a.m.5 views

Tenda M3 /goform/setAdPushInfo File Stack Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameter mac/terminal in the...

9CVSS6.3AI score0.00632EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.5 views

PT-2026-1029

Name of the Vulnerable Software and Affected Versions wasm3 versions up to 0.5.0 Description A flaw exists in wasm3 that could lead to memory corruption. The issue is related to the op SetSlot i32/op CallIndirect function within the m3 exec.h file. Manipulation of this function can trigger the...

5.3CVSS5.8AI score0.00175EPSS
Exploits1References11
redhatcve
redhatcve
added 2025/12/31 3:7 p.m.5 views

CVE-2025-15252

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

9CVSS7AI score0.02862EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/31 3:7 p.m.6 views

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

9CVSS7.1AI score0.00632EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/31 9:12 a.m.4 views

CVE-2025-15234

A weakness has been identified in Tenda M3 1.0.0.134903. Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the...

9CVSS8.6AI score0.02475EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/31 8:10 a.m.5 views

CVE-2025-15233

A security flaw has been discovered in Tenda M3 1.0.0.134903. This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemU...

9CVSS8.4AI score0.00632EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/31 8:10 a.m.6 views

CVE-2025-15232

A vulnerability was identified in Tenda M3 1.0.0.134903. This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit ...

9CVSS7.1AI score0.00632EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/31 7:7 a.m.10 views

CVE-2025-15230

A vulnerability was found in Tenda M3 1.0.0.134903. Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlantruckport results in heap-based buffer overflow. Remote exploitation of the attack is possible. The...

9CVSS8.3AI score0.00619EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/12/31 7:7 a.m.8 views

CVE-2025-15231

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

9CVSS8.9AI score0.00632EPSS
Exploits1References1
euvd
euvd
added 2025/12/30 3:30 p.m.4 views

EUVD-2025-205777

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

9CVSS6.8AI score0.02862EPSS
Exploits1References7
nvd
nvd
added 2025/12/30 3:15 p.m.7 views

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

9CVSS0.00632EPSS
Exploits1References5
osv
osv
added 2025/12/30 3:15 p.m.5 views

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

8.7CVSS6.4AI score0.00632EPSS
Exploits1References5
nvd
nvd
added 2025/12/30 3:15 p.m.5 views

CVE-2025-15252

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

9CVSS0.02862EPSS
Exploits1References5
osv
osv
added 2025/12/30 3:15 p.m.3 views

CVE-2025-15252

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

8.7CVSS6.4AI score0.02862EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/12/30 3:2 p.m.6 views

CVE-2025-15253 Tenda M3 exeCommand stack-based overflow

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

9CVSS7AI score0.00632EPSS
Exploits1References5
cve
cve
added 2025/12/30 3:2 p.m.33 views

CVE-2025-15253

The CVE-2025-15253 issue affects Tenda M3 (version 1.0.0.13(4903)) via an unknown function in /goform/exeCommand where improper handling of the cmdinput parameter causes a stack-based overflow. Multiple connected sources (CNVD-2026-06098, RH:CVE-2025-15253, CNNVD-202512-5119, CVELIST/CVE-2025-152...

9CVSS7AI score0.00632EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder