EUVD-2026-11505

A vulnerability was determined in Tenda W3 1.0.0.32204. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out...

CVE-2026-3973

CVE-2026-3973 affects Tenda W3 1.0.0.3(2204). The vulnerability is in the POST /goform/setAutoPing handler (formSetAutoPing) where manipulating ping1/ping2 triggers a stack-based buffer overflow. The issue is exploitable remotely with a publicly disclosed exploit. CVSS-based metrics indicate HIGH...

CVE-2026-3973 Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow

A vulnerability was determined in Tenda W3 1.0.0.32204. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out...

CVE-2026-3973

A vulnerability was determined in Tenda W3 1.0.0.32204. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out...

CVE-2026-3973 Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow

A vulnerability was determined in Tenda W3 1.0.0.32204. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out...

EUVD-2022-38445

Malicious code in bioql PyPI...

CVE-2024-37642

TRENDnet TEW-814DAP v1FW1.01B01 was discovered to contain a command injection vulnerability via the ipv4ping, ipv6ping parameter at /formSystemCheck...

PT-2024-35983

Name of the Vulnerable Software and Affected Versions: Victure RX1800 WiFi 6 Router version EN V1.0.0 r12 110933 Description: An issue was discovered in Victure RX1800 WiFi 6 Router devices, where certain "/cgi-bin/luci/admin" endpoints are vulnerable to command injection. Attackers can exploit...

CVE-2024-36060

CVE-2024-36060 affects EnGenius EnStation5-AC A8J-ENS500AC (version 1.0.0). The vulnerability is a blind OS command injection through shell metacharacters in the Ping and Speed Test parameters. CVSSv3.1 base score is 8.8 (HIGH) with adjacent access, no user interaction, and all impact metrics HIG...

CVE-2022-35559

A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.94122, which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution...