16 matches found
CVE-2026-2886
A weakness has been identified in Tenda A21 1.0.0.0. This affects the function setdevicename of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to t...
CVE-2026-2886 Tenda A21 SetOnlineDevName set_device_name stack-based overflow
A weakness has been identified in Tenda A21 1.0.0.0. This affects the function setdevicename of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to t...
The vulnerabilities of the s390/dasd components of the Linux operating system’s kernel, which allow a hacker to trigger a service failure
The vulnerability of the s390/dasd components in the Linux operating system’s kernel is related to incorrect calculations in the dasdgenericsetonline function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerabilities of the s390/cio components of Linux kernel, which allow a hacker to trigger a service failure
The vulnerability of the s390/cio component of the Linux operating system’s kernel is related to the state of the ccwdevicesetonline function. Exploiting this vulnerability can allow an attacker to gain increased privileges within the system...
PT-2024-8701 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.05.19 Description: A critical issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName, where the manipulation of the argument devName leads to a stack-based buffer overflow. This can be...
PT-2024-37598 · Tenda · Tenda A301
Name of the Vulnerable Software and Affected Versions: Tenda A301 version 15.13.08.12 Description: A critical issue was found in the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to a stack-based buffer overflow. This issue can...
CVE-2024-4238
A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this vulnerability is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched...
PT-2024-8485 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 Description: A critical issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to a stack-based buffer overflow in the memory. This can ...
PT-2024-2265 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical issue affects the formSetDeviceName function of the /goform/SetOnlineDevName file, leading to a stack-based buffer overflow when the devName or mac argument is manipulated. This can be...
PT-2024-1455 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda A15 version 15.13.07.13 Description: A critical vulnerability has been found in the Web-based Management Interface of Tenda A15. The issue is related to a stack-based buffer overflow caused by the manipulation of the mac argument in the...
CVE-2023-49428
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName...
PT-2023-7508 · Tenda · Tenda Ax12
Name of the Vulnerable Software and Affected Versions: Tenda AX12 version V22.03.01.46 Description: The issue is related to a command injection vulnerability in the mac parameter at the "/goform/SetOnlineDevName" API endpoint. This vulnerability is due to the lack of input validation when...
PT-2023-31221 · Tenda · Tenda Ax9
Name of the Vulnerable Software and Affected Versions: Tenda AX9 version V22.03.01.46 Description: A command injection issue has been discovered in the mac parameter at the "/goform/SetOnlineDevName" API endpoint. This allows for potential command injection attacks. Recommendations: For Tenda AX9...
CVE-2023-34570
Tenda AC10 v4 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName...
CVE-2021-25812
Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/setonlineclient...
Command injection
Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/setonlineclient...