CVE-2024-4248 Tenda i21 formQosManage_user stack-based overflow

A vulnerability was found in Tenda i21 1.0.0.144656 and classified as critical. This issue affects the function formQosManageuser. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The associated identifier of this vulnerability...

CVE-2024-4247 Tenda i21 formQosManage_auto stack-based overflow

A vulnerability has been found in Tenda i21 1.0.0.144656 and classified as critical. This vulnerability affects the function formQosManageauto. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. VDB-262138 is the identifier...

CVE-2024-4243 Tenda W9 wifiSSIDset formwrlSSIDset stack-based overflow

A vulnerability classified as critical has been found in Tenda W9 1.0.0.74456. Affected is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has be...

CVE-2024-4241 Tenda W9 formQosManageDouble_auto stack-based overflow

A vulnerability was found in Tenda W9 1.0.0.74456. It has been declared as critical. This vulnerability affects the function formQosManageDoubleauto. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. The identifier of this...

CVE-2024-4235

The CVE-2024-4235 entry concerns Netgear DG834Gv5 (Web Management Interface) with a vulnerability that allows cleartext storage of sensitive information. Affects version 1.6.01.34, enabling remote exploitation and reportedly with a publicly disclosed exploit. Multiple sources confirm an informati...

CVE-2024-4168 Tenda 4G300 sub_4260F0 stack-based overflow

A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability...

CVE-2024-4164 Tenda G3 ModifyPppAuthWhiteMac formModifyPppAuthWhiteMac stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.179502. This issue affects the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac. The manipulation of the argument pppoeServerWhiteMacIndex leads to stack-based buffer overflow. The...

unbound: NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation Attack)

A vulnerability was found in unbound. The attack can cause a resolver to spend a lot of time and resources resolving records under a malicious delegation point where a considerable number of unresponsive NS records reside. This issue can trigger high CPU usage in some resolver implementations tha...

WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.25 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Description The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.0.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-4126

CVE-2024-4126 affects Tenda W15E devices running 15.11.0.14. The vulnerability is a stack-based buffer overflow in the formSetSysTimeCfg component’s SetSysTimeCfg, triggered by manipulating the manualTime argument. It appears exploitable remotely and has been publicly disclosed. The CVSS metrics ...

CVE-2024-4115

A vulnerability, which was classified as critical, was found in Tenda W15E 15.11.0.14. Affected is the function formAddDnsForward of the file /goform/AddDnsForward. The manipulation of the argument DnsForwardRule leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2024-4116

CVE-2024-4116 affects Tenda W15E firmware 15.11.0.14. The vulnerability resides in the function formDelDhcpRule in /goform/DelDhcpRule, where manipulating the delDhcpIndex argument leads to a stack-based buffer overflow. The issue is exploitable remotely and has public disclosure. Impact includes...

CVE-2024-4115

The CVE-2024-4115 entry concerns Tenda W15E firmware 15.11.0.14. A stack-based buffer overflow is triggered via the DnsForwardRule parameter in the /goform/AddDnsForward endpoint, specifically in the formAddDnsForward function. This vulnerability can be exploited remotely and has public exploit i...

CVE-2024-4111 Tenda TX9 SetLEDCfg sub_42BD7C stack-based overflow

A vulnerability was found in Tenda TX9 22.03.02.10. It has been rated as critical. Affected by this issue is the function sub42BD7C of the file /goform/SetLEDCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2024-4066

CVE-2024-4066 affects Tenda AC8 firmware 16.03.34.09. The vulnerability exists in function fromAdvSetMacMtuWan (file /goform/AdvSetMacMtuWan) where manipulating arguments wanMTU/wanSpeed/cloneType/mac/serviceName/serverName triggers a stack-based buffer overflow. It is exploitable remotely and pu...

CVE-2024-32142 WordPress Ovic Responsive WPBakery plugin <= 1.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0...

CVE-2024-32142 WordPress Ovic Responsive WPBakery plugin <= 1.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0...

PT-2024-24438 · WordPress · Ovic Responsive Wpbakery

Name of the Vulnerable Software and Affected Versions: Ovic Responsive WPBakery versions 1.3.0 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects Ovic Responsive WPBakery, allowing potential unauthorized access. Recommendations: For...

WordPress Plugin Ovic Responsive WPBakery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-3910

A vulnerability, which was classified as critical, has been found in Tenda AC500 2.0.1.91307. Affected by this issue is the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched...