354 matches found
CVE-2025-10120
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-10120
The CVE-2025-10120 entry affects Tenda AC20 before 16.03.08.12. The vulnerability is a buffer overflow in the strcpy usage of /goform/GetParentControlInfo when processing the mac parameter. It can be triggered remotely, and public PoCs/exploits exist. Impact is consistent with high-severity, incl...
Tenda AC20 安全漏洞
Tenda AC20 is a wireless router product from Tenda. A buffer overflow vulnerability exists in Tenda AC20 16.03.08.12 and earlier versions, which originates from the improper handling of the mac parameter in the strcpy function in the /goform/GetParentControlInfo file. The vulnerability can be...
CVE-2025-57061
Tenda G3 v3.0brV15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-9780 TOTOLINK A702R formIpQoS sub_419BE0 buffer overflow
A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this issue is the function sub419BE0 of the file /boafrm/formIpQoS. This manipulation of the argument mac causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-9780 TOTOLINK A702R formIpQoS sub_419BE0 buffer overflow
A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this issue is the function sub419BE0 of the file /boafrm/formIpQoS. This manipulation of the argument mac causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-9605
A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...
Tenda AC23和Tenda AC21 安全漏洞
Tenda AC23 and Tenda AC21 are both products of Tenda, a Chinese company.Tenda AC23 is a dual-band gigabit wireless router.Tenda AC21 is a wireless router. A security vulnerability exists in Tenda AC23 and Tenda AC21 version 16.03.08.16, which originates from a stack buffer overflow due to incorre...
CVE-2025-9586 Comfast CF-N1 webmgnt wireless_device_dissoc command injection
A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wirelessdevicedissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available...
CVE-2025-9580
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9580
CVE-2025-9580 affects LB-LINK BL-X26 v1.2.8. The vulnerability lies in the HTTP Handler’s /goform/set_blacklist where manipulating the mac argument enables OS command injection. Exploitation is possible remotely and publicly disclosed; at least one advisory notes exploitation and lack of vendor r...
LB-LINK BL-X26 安全漏洞
LB-LINK BL-X26 is a wireless router from China Bilink LB-LINK. A security vulnerability exists in the LB-LINK BL-X26 version 1.2.8, which originates from an incorrect operation of the parameter mac in the file /goform/setblacklist resulting in os command injection...
COMFAST CF-N1 安全漏洞
COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter mac in the file /usr/bin/webmgnt...
CVE-2025-9523
A vulnerability was detected in Tenda AC1206 15.03.06.23. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public an...
Tenda AC1206 安全漏洞
The Tenda AC1206 is a wireless gigabit router from Tenda China. A security vulnerability exists in the Tenda AC1206 version 15.03.06.23, which originates from a stack buffer overflow due to incorrect manipulation of the mac parameter in the file /goform/GetParentControlInfo...
CVE-2025-55613
Tenda O3V2 1.0.0.123880 is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter...
PT-2025-34474 · Tenda · Tenda O3V2
Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: The Tenda O3V2 device is susceptible to a buffer overflow issue within the fromSafeSetMacFilter function. The vulnerability is triggered by manipulating the mac parameter. Recommendations: Update t...
CVE-2025-55613
Tenda O3V2 1.0.0.123880 is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter...
Tenda O3V2 安全漏洞
Tenda O3V2 is an outdoor wireless bridge from Tenda China. A security vulnerability exists in Tenda O3V2 version 1.0.0.123880, which originates from a buffer overflow in the mac parameter of the fromSafeSetMacFilter function...