Lucene search
K

42 matches found

Cvelist
Cvelist
added 2022/03/18 8:53 p.m.34 views

CVE-2022-25457

Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function...

9.9AI score0.01665EPSS
Exploits1References1
CVE
CVE
added 2022/03/18 8:53 p.m.98 views

CVE-2022-25457

CVE-2022-25457 – Tenda AC6 : A stack overflow was found in Tenda AC6 v15.03.05.09_multi triggered by the ntpserver parameter in the SetSysTimeCfg function. The vulnerability is documented with a CVSS v3.1 base score of 9.8 (CRITICAL) and a CVSS v2.0 base score of 10.0, indicating NETWORK access, ...

10CVSS9.6AI score0.01665EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/03/18 8:53 p.m.124 views

CVE-2022-25440

CVE-2022-25440 affects Tenda AC9 router (v15.03.2.21). Root cause: a stack overflow in the SetSysTimeCfg function triggered by the ntpserver parameter. Impact indicators in sources describe potential to compromise confidentiality, integrity, and availability (high/critical). No explicit patch/ver...

10CVSS9.6AI score0.01665EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/18 8:53 p.m.21 views

CVE-2022-25440

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function...

9.9AI score0.01665EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/03/18 12:0 a.m.5 views

PT-2022-17295 · Tenda · Tenda Ac9

Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.2.21 Description: A stack overflow issue was discovered via the ntpserver parameter in the SetSysTimeCfg function. Recommendations: For Tenda AC9 version 15.03.2.21, consider restricting access to the SetSysTimeCfg...

10CVSS9.5AI score0.01665EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/03/18 12:0 a.m.3 views

Tenda AC9 缓冲区错误漏洞

Tenda AC9 is a wireless router from Tenda, China.Tenda AC9 version 15.03.2.21 is vulnerable to a buffer overflow vulnerability, which stems from the ntpserver parameter in the SetSysTimeCfg function that does not properly validate data boundaries when performing operations on memory, and can be...

10CVSS6.3AI score0.01665EPSS
Exploits1References2
CNVD
CNVD
added 2022/03/14 12:0 a.m.19 views

Tenda AX1806 fromSetSysTime function stack overflow vulnerability

The Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda AX1806 fromSetSysTime function, which can be exploited by an attacker to cause a Denial of Service DoS via the ntpServer parameter...

7.8CVSS7AI score0.01219EPSS
Exploits1References1
NVD
NVD
added 2022/03/10 5:47 p.m.16 views

CVE-2022-25555

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the ntpServer parameter...

7.8CVSS0.01219EPSS
Exploits1References1
OSV
OSV
added 2022/03/10 5:47 p.m.3 views

CVE-2022-25555

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the ntpServer parameter...

7.5CVSS5.9AI score0.01219EPSS
Exploits1References1
Prion
Prion
added 2022/03/10 5:47 p.m.15 views

Stack overflow

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the ntpServer parameter...

7.8CVSS7.6AI score0.01219EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

Tenda AX1806 缓冲区错误漏洞

The Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda AX1806 fromSetSysTime function, which can be exploited by an attacker to cause a Denial of Service DoS via the ntpServer parameter...

7.8CVSS5.8AI score0.01219EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/03/09 6:27 p.m.22 views

CVE-2022-25555

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the ntpServer parameter...

7.8AI score0.01219EPSS
Exploits1References1
0day.today
0day.today
added 2019/11/12 12:0 a.m.90 views

Prima FlexAir Access Control 2.3.38 - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Prima FlexAir Access Control 2.3.38 - Remote Code Execution Exploit Author: LiquidWorm Vendor Homepage: https://www.primasystems.eu/ Software Link: https://primasystems.eu/flexair-access-control/ Version: 2.3.38 Tested on: ...

9CVSS7.2AI score0.18306EPSS
Exploits5
OSV
OSV
added 2018/10/29 12:29 p.m.3 views

CVE-2018-18732

An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request,...

7.5CVSS6.2AI score0.01141EPSS
Exploits1References1
Prion
Prion
added 2018/10/29 12:29 p.m.18 views

Buffer overflow

An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request,...

7.8CVSS7.7AI score0.01141EPSS
Exploits1References1Affected Software5
NVD
NVD
added 2016/08/31 3:59 p.m.25 views

CVE-2016-5675

handledaylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter...

10CVSS9.8AI score0.70877EPSS
Exploits7References3
Prion
Prion
added 2016/08/31 3:59 p.m.15 views

Code injection

handledaylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter...

10CVSS8AI score0.70877EPSS
Exploits7References3Affected Software4
CNVD
CNVD
added 2016/08/02 12:0 a.m.5 views

Novell Filr Command Injection Vulnerability

Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. An operating system command injection vulnerability exists in the vaconfig/time file in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. A remote attacker can exploit this...

9CVSS8.3AI score0.11343EPSS
Exploits4References1
OSV
OSV
added 2016/08/01 2:59 a.m.3 views

CVE-2016-1608

vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter...

8.8CVSS6AI score0.11343EPSS
Exploits4References6
NVD
NVD
added 2016/08/01 2:59 a.m.19 views

CVE-2016-1608

vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter...

9CVSS8.8AI score0.11343EPSS
Exploits4References6
Rows per page
Query Builder