CVE-2026-3378

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2026-3376

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-3376

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-3275

A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys can lead to buffer overflow. The attack may be performed from remote. The exploit has been made...

EUVD-2026-8970

A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component httpd. Such manipulation of the argument mitssidindex leads to buffer overflow. The attack can be executed remotely. The exploi...

EUVD-2026-8984

A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys can lead to buffer overflow. The attack may be performed from remote. The exploit has been made...

CVE-2026-3274

CVE-2026-3274 affects Tenda F453 firmware version 1.0.0.3. The issue is in the httpd component, specifically the frmL7ProtForm function in /goform/L7Prot, where manipulating the argument page causes a buffer overflow. This can be exploited remotely over the network, and a public exploit is refere...

PT-2026-22247

Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A buffer overflow issue exists in the httpd component of the Tenda F453 router. The issue is located in the fromDhcpListClient function within the /goform/DhcpListClient API endpoint. Manipulation of the...

CVE-2026-2981

A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected element is the function strcpy of the file /goform/formTaskEditap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be launched remotely. The exploit has been made public and could be use...

CVE-2026-2961

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried...

CVE-2026-3015

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/formPolicyRouteConf. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclose...

CVE-2026-3015

Affected product: UTT HiPER 810G (up to version 1.7.7-171114). Vulnerable component: strcpy in /goform/formPolicyRouteConf, vulnerable when processing the GroupName argument. Root cause: buffer overflow triggered by GroupName handling. Impact: network-exposed, with high confidentiality, integrity...

CVE-2026-2981

A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected element is the function strcpy of the file /goform/formTaskEditap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be launched remotely. The exploit has been made public and could be use...

CVE-2026-2935

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/ConfigExceptMSN. Executing a manipulation of the argument remark can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to...

CVE-2026-2935 UTT HiPER 810G ConfigExceptMSN strcpy buffer overflow

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/ConfigExceptMSN. Executing a manipulation of the argument remark can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to...

CVE-2026-2935

The CVE reports a buffer overflow in UTT HiPER 810G (up to version 1.7.7-171114) in the strcpy usage of /goform/ConfigExceptMSN when remark is manipulated. Impact is described as remote execution with high severity (ATT&CK not specified in the documents); exploit publicly available and possible f...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a security vulnerability caused by a buffer overflow. This vulnerability could allow remote attackers to modify memory o...

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

EUVD-2026-5727

A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched...

EUVD-2026-5027

A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is possible to initiate the attack remotely. The...