CVE-2026-36811

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36811

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

PT-2026-48202

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the picName parameter of the formDelwebAuthPic function, which could allow attackers to cause...

CVE-2026-36811

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36811

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36811

CVE-2026-36811 affects Shenzhen Tenda Technology Co., Ltd. — Tenda W15E v15.11.0.10. The issue is a buffer overflow in the picName parameter of the formDelwebAuthPic function, which leads to a Denial of Service (DoS) via a crafted HTTP request. Exploitation details are not provided in the availab...

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

CVE-2026-24109

CVE-2026-24109 affects the Tenda W20E router firmware (V4.0br_V15.11.0.6). The issue is a buffer overflow caused by unsafely using the value of the variable picName in sprintf without validating its size, which may allow remote attackers to exploit via network access. Documented impacts are high ...

production_ssm 路径遍历漏洞

productionssm is an ERP system developed by MegaGao’s individual developers, utilizing technologies such as Spring+SpringMVC+Mybatis, along with jQuery EasyUI. The version 4288d53bd35757b27f2d070057aefb2c07bdd097 and earlier versions of productionssm have a path traversal vulnerability. This...

EUVD-2022-48580

Malicious code in bioql PyPI...

EUVD-2025-26146

Malicious code in bioql PyPI...

CVE-2025-9585

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-9585 Comfast CF-N1 webmgnt wifilith_delete_pic_file command injection

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

COMFAST CF-N1 安全漏洞

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter portaldeletepicname in the file /usr/bin/webmgnt...

CVE-2022-45721

IP-COM M50 V15.11.0.3310768 was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function...

CVE-2018-13025

protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter...

The vulnerability of the formDelWewifiPic() function in the microprogramming software for Tenda W15E routers allows a hacker to induce a service failure.

The vulnerability of the formDelWewifiPic function in the Tenda W15E router software is related to the operation of writing data outside the buffer in memory when processing the picName parameter. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a speciall...