3 matches found
CVE-2025-9023
A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2023-46993
In TOTOLINK A3300R V17.0.0cu.557B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which can lead to command injection...
PT-2022-23477 · Tenda · Tenda Ac9
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.05.19 Description: A stack overflow issue was discovered via the time parameter at the "/goform/SetLEDCfg" API endpoint. Recommendations: For Tenda AC9 version 15.03.05.19, avoid using the time parameter in the...