EUVD-2022-29061

Malicious code in bioql PyPI...

Tenda AC6 安全漏洞

The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.05.16, which originates from the parameter remoteIp in the file /goform/SetRemoteWebCfg that fails to correctly validate the length of the input data, and can be...

CVE-2025-5849

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer...

Tenda AC9 安全漏洞

Tenda AC9 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC9 version 15.03.02.13, which originates from the parameter remoteIp in the file /goform/SetRemoteWebCfg that fails to correctly validate the length of the input data, and can be exploit...

PT-2025-24388 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.05.16 Description: A critical vulnerability was found in the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to a stack-based buffer overflow. The atta...

D-Link DIR-816 安全漏洞

The D-Link DIR-816 is a wireless router from China's AUO D-Link. The D-Link DIR-816 suffers from a command injection vulnerability that stems from the parameter localIP/remoteIP in the file /goform/setipsecconfig failing to correctly filter constructed command special characters, commands, and so...

CVE-2024-33835

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function...

CVE-2022-24150

Tenda AX3 v16.03.12.10CN was discovered to contain a command injection vulnerability in the function formSetSafeWanWebMan. This vulnerability allows attackers to execute arbitrary commands via the remoteIp parameter...

Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times

Summary The PROXY command is accepted multiple times, allowing a client to spoof its IP address when the proxy protocol is being used. Details When ProxyOn is enabled, it looks like the PROXY command will be accepted multiple times, with later invocations overriding earlier ones. The proxy protoc...

CVE-2024-33835

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function...

CVE-2024-33835

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function...

CVE-2024-33835

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function...

Tenda AC18 安全漏洞

Tenda AC18 is a wireless router manufactured by Tenda. A stack overflow vulnerability exists in the formSetSafeWanWebMan function in Tenda AC18 version V15.03.05.05, which stems from improper handling of the remoteIp parameter. An attacker can exploit this vulnerability to remotely execute...

CVE-2024-33835

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function...

CVE-2024-33835

CVE-2024-33835 affects the Tenda AC18 router (version 15.03.05.05). The vulnerability is a stack overflow in the remoteIp parameter within the formSetSafeWanWebMan function. Impact is described as remote code execution with high severity (CVSSv3.1: 9.8, Network attack, no user interaction). Conne...

PT-2024-25504 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: The issue is a stack overflow vulnerability. It occurs in the remoteIp parameter from the formSetSafeWanWebMan function. Recommendations: For Tenda AC18 version 15.03.05.05, as a temporary workaroun...

CVE-2024-3874

CVE-2024-3874 affects Tenda W20E devices (v13.11.0.6 family as referenced) where the vulnerable code path is the function formSetRemoteWebManage in /goform/SetRemoteWebManage. The root cause is a stack-based buffer overflow triggered by manipulating the remoteIP parameter, allowing a remote attac...

CVE-2023-38902

A command injection vulnerability in RG-EW series home routers and repeaters v.EW3.01B11P219, RG-NBS and RG-S1930 series switches v.SWITCH3.01B11P219, RG-EG series business VPN routers v.EG3.01B11P219, EAP and RAP series wireless access points v.AP3.01B11P219, and NBC series wireless controllers...

SUSE CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

VulnCheck KEV: CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted...