CVE-2025-9443

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9443

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9443 Tenda CH22 editUserName formeditUserName buffer overflow

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9443

CVE-2025-9443 affects the Tenda CH22 router (version 1.0.0.1). The vulnerability exists in the function formeditUserName in the file /goform/editUserName , where manipulating the argument new_account can trigger a buffer overflow . Remote exploitation is possible, and the exploit has been publish...

CVE-2025-9303

A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit ha...

PT-2025-34228 · Totolink · Totolink A720R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.630 B20250509 Description: A security flaw exists in TOTOLINK A720R 4.1.5cu.630 B20250509. The issue affects the setParentalRules function within the /cgi-bin/cstecgi.cgi file and allows for remote buffer overfl...

CVE-2025-9248

A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function RPpingGatewayByBBS of the file /goform/RPpingGatewayByBBS. The manipulation of the argument ssidhex results in...

CVE-2025-9007

A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-9006

A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8939

A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

CVE-2025-9023 Tenda AC7/AC18 SetLEDCfg formSetSchedLed buffer overflow

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-9006

A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

PT-2025-33438 · Tenda · Tenda Ch22

Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1 Description: A buffer overflow vulnerability exists in the formeditFileName function within the /goform/editFileName file. The issue can be exploited remotely. The exploit for this vulnerability has been publicly...

CVE-2025-53711

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The attac...

CVE-2025-8160

A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The...

CVE-2025-8139

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been classified as critical. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possible to...

CVE-2025-8136

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. It is possible to laun...

PT-2025-30436 · Shenzhen Libituo Technology Co. · Lbt-T300-T310

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology LBT-T300-T310 version 2.2.3.6 Description: A critical remote buffer overflow vulnerability exists in the sub 40B6F0 function of the /appy.cgi file. The vulnerability is triggered by manipulating the wan proto...

CVE-2025-7793

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit...

CVE-2025-7747

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The manipulation of the argument PPW leads to buffer overflow. It is possible to initiate the attack...