CVE-2026-7057

A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published a...

CVE-2025-57528

An issue was discovered in Tenda AC6 USAC6V1.0BRV15.03.05.16multiTD01 allowing attackers to cause a denial of service via the funcname, funcpara1, funcpara2 parameters to the formSetCfm function uri path: SetCfm...

PT-2025-38541

Name of the Vulnerable Software and Affected Versions Tenda AC6 versions 15.03.05.16 Description An issue exists in Tenda AC6 that allows attackers to cause a denial of service. This is achieved by manipulating the funcname, funcpara1, and funcpara2 parameters within the /SetCfm API endpoint,...

CVE-2024-0991

A vulnerability has been found in Tenda i6 1.0.0.93857 and classified as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated...