104775 matches found
PT-2026-48203
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
PT-2026-48177
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wl radio parameter of the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2026-48212
Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36822
Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the macAddr parameter of the formDelStaState function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
PT-2026-48344
Summary An OS Command Injection vulnerability in the terminal action handler allows any authenticated user to execute arbitrary OS commands by injecting shell metacharacters into the 'dir' POST parameter, completely bypassing the TERMINAL COMMANDS whitelist and achieving full Remote Code Executio...
Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the apiuser parameter provided to the accessv2 endpoin...
CVE-2026-36813
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36805
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36778
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain a stack overflow in the username parameter of the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36803
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the qossetting function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36810
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the gotoUrl parameter of the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-36813
The CVE-2026-36813 affects Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10. A buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function enables a Denial of Service via a crafted HTTP request. Affected component: WewifiPic handling in W15E firmware. Root cause:...
CVE-2026-36783
The CVE-2026-36783 entry concerns Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180). A stack overflow exists in the domain parameter of the fromNetToolGet function, enabling a Denial of Service via a crafted HTTP request. The Red Hat/NVD/CVE records reiterate this descrip...
CVE-2026-36792
CVE-2026-36792 affects Shenzhen Tenda Technology Co. Ltd. Tenda W3 Wireless Router v1.0.0.3(2204). A stack overflow in the wl_radio parameter of the formWifiRadioSet function can cause a Denial of Service via a crafted HTTP request. The entry notes a CVSSv3.1 base score of 7.5 (HIGH) with network...
CVE-2026-36771
CVE-2026-36771 affects Shenzhen Tenda Technology Co. Ltd. Tenda W3 Wireless Router v1.0.0.3(2204). The vulnerability is a stack overflow in the wl_radio parameter within the formwrlSSIDset function, which can cause a Denial of Service (DoS) under crafted input. The CVSS 3.1 vector indicates NETWO...
CVE-2026-36778
CVE-2026-36778 affects Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180). The advisory states a stack overflow in the username parameter of the R7WebsSecurityHandler function, enabling an attacker to cause a Denial of Service via a crafted HTTP request. The Red Hat and NV...
CVE-2026-36821
The CVE-2026-36821 entry concerns Shenzhen Tenda Technology Co., Ltd. Tenda W20E devices (v15.11.0.6). A buffer overflow exists in the picCropName parameter of the formCropAndSetWewifiPic function, enabling a Denial of Service (DoS) via a crafted HTTP request. Public sources list this as the affe...
CVE-2026-36811
CVE-2026-36811 affects Shenzhen Tenda Technology Co., Ltd. — Tenda W15E v15.11.0.10. The issue is a buffer overflow in the picName parameter of the formDelwebAuthPic function, which leads to a Denial of Service (DoS) via a crafted HTTP request. Exploitation details are not provided in the availab...
CVE-2026-36822
CVE-2026-36822 affects Shenzhen Tenda Technology Co., Ltd. Tenda W20E v15.11.0.6. The issue is a buffer overflow in the macAddr parameter of the formDelStaState function, enabling a Denial of Service via a crafted HTTP request. No exploitation specifics or mitigations are provided in the document...
CVE-2026-36810
CVE-2026-36810 concerns Shenzhen Tenda Technology Co., Ltd. Tenda W15E (v15.11.0.10). A buffer overflow is reported in the gotoUrl parameter of the formPortalAuth function, enabling a Denial of Service (DoS) via a crafted HTTP request. The available documents consistently describe this vulnerabil...