Lucene search
K

11 matches found

EUVD
EUVD
added 2026/04/13 12:30 a.m.7 views

EUVD-2026-21749

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

10CVSS5.5AI score0.02175EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/12 10:30 p.m.1 views

CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

10CVSS5.5AI score0.02175EPSS
Exploits0References5
NVD
NVD
added 2025/08/15 9:15 a.m.7 views

CVE-2025-9023

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

9CVSS0.00739EPSS
Exploits1References7
OSV
OSV
added 2025/08/15 9:15 a.m.9 views

CVE-2025-9023

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

8.7CVSS6.2AI score0.00739EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/08/15 8:32 a.m.5 views

CVE-2025-9023 Tenda AC7/AC18 SetLEDCfg formSetSchedLed buffer overflow

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

9CVSS7.3AI score0.00739EPSS
Exploits1References7
OSV
OSV
added 2025/06/08 11:15 p.m.5 views

CVE-2025-5850

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack c...

8.7CVSS6.5AI score0.0408EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.5 views

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setledonoff function to correctly filter constructed command special characters, commands, etc. The...

9.1CVSS7.8AI score0.22827EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.6 views

The vulnerability of the sub_42BD7C() function in the /goform/SetLEDCfg file of the Tenda TX9 Pro router’s microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sub42BD7C function in the /goform/SetLEDCfg file of the Tenda TX9 Pro router’s microprogramming system is related to buffer overflow based on a stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

9CVSS8.1AI score0.01453EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/10/31 3:15 p.m.5 views

CVE-2023-46993

In TOTOLINK A3300R V17.0.0cu.557B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which can lead to command injection...

9.8CVSS5.8AI score0.01515EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/31 12:0 a.m.4 views

Tenda AC9 缓冲区错误漏洞

Tenda AC9 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC9 firmware version V15.03.05.19, which stems from its /goform/SetLEDCfg component's manipulation of the parameter time that allows a remote attacker to submit a special request resulting in a stack overflo...

7.2CVSS7.1AI score0.00906EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/31 12:0 a.m.5 views

PT-2022-23477 · Tenda · Tenda Ac9

Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.05.19 Description: A stack overflow issue was discovered via the time parameter at the "/goform/SetLEDCfg" API endpoint. Recommendations: For Tenda AC9 version 15.03.05.19, avoid using the time parameter in the...

7.2CVSS7AI score0.00906EPSS
Exploits1References3
Rows per page
Query Builder