PT-2025-29473 · Totolink · Totolink T6

Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical issue exists in TOTOLINK T6 version 4.1.5cu.748. The vulnerability is located within the CloudSrvVersionCheck function of the /cgi-bin/cstecgi.cgi file, part of the HTTP POST Request...

PT-2025-29475 · Totolink · Totolink T6

Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical vulnerability exists in the HTTP POST Request Handler component of TOTOLINK T6. The vulnerability is due to command injection in the clearPairCfg function within the /cgi-bin/cstecgi.cgi...

PT-2025-29460 · D Link · Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07.26A1 Description: A critical issue exists in the HTTP Request Handler component of the D-Link DI-8100. The vulnerability is a stack-based buffer overflow caused by manipulation of an unknown function within the...

CVE-2025-7505

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the atta...

CVE-2025-7506

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...

CVE-2025-7506 Tenda FH451 HTTP POST Request Natlimit fromNatlimit stack-based overflow

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...

CVE-2025-7468

A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attac...

CVE-2025-7468

A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attac...

CVE-2025-7465

A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can ...

CVE-2025-7463

A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mitssid leads to buffer overflow. The atta...

CVE-2025-7460

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...

CVE-2025-7434 Tenda FH451 POST Request addressNat fromAddressNat stack-based overflow

A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified as critical. Affected by this issue is the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may...

CVE-2025-7434

The CVE-2025-7434 issue affects Tenda FH451 (versions up to 1.0.0.9). Affected code is the fromAddressNat function in the /goform/addressNat file of the POST Request Handler. Manipulating the page argument leads to a stack-based buffer overflow, which can be triggered remotely. Exploit informatio...

PT-2025-29349 · Tenda · Tenda Fh451

Name of the Vulnerable Software and Affected Versions: Tenda FH451 version 1.0.0.9 Description: A critical vulnerability exists in Tenda FH451. The manipulation of the page argument in the frmL7ProtForm function within the HTTP POST Request Handler, located at the /goform/L7Prot endpoint, leads t...

PT-2025-29314 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the HTTP POST Request Handler component of the affected product. The fromSafeUrlFilter function within the /goform/fromSafeUrlFilter file is susceptible to a buffer...

PT-2025-29309 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The fromRouteStatic function within the HTTP POST Request Handler, located in the file /goform/fromRouteStatic, is susceptible to a buffer overflo...

PT-2025-29307 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The vulnerability affects the formWrlsafeset function within the /goform/AdvSetWrlsafeset file of the HTTP POST Request Handler component...

CVE-2025-7070

A vulnerability has been found in IROAD Dashcam Q9 up to 20250624 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component MFA Pairing Request Handler. The manipulation leads to allocation of resources. The attack needs to be done within the local...

PT-2025-28024 · Iroad · Iroad Dashcam Q9

Name of the Vulnerable Software and Affected Versions: IROAD Dashcam Q9 up to 20250624 Description: A vulnerability has been found in the component MFA Pairing Request Handler, affecting an unknown functionality. The manipulation leads to allocation of resources. The attack needs to be done withi...

CVE-2025-6953

A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is...