PT-2026-28699

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow can occur in the fromSetSysTime function within the /goform/SetSysTimeCfg file, specifically through manipulation of the Time argument via a POST request. This allows for...

PT-2026-28735

Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A flaw exists in the Tenda F453 device. The issue is a stack-based buffer overflow within the fromPPTPUserSetting function, located in the /goform/PPTPUserSetting file of the httpd component. Manipulation...

PT-2026-28686

Name of the Vulnerable Software and Affected Versions Tenda AC6 version 15.03.05.16 Description A stack-based buffer overflow exists in the fromWizardHandle function of the /goform/WizardHandle file within the POST Request Handler component. Manipulation of the WANT/WANS argument can trigger this...

PT-2026-28687

Name of the Vulnerable Software and Affected Versions Tenda AC6 version 15.03.05.16 Description A flaw exists in the Tenda AC6 device that allows for a stack-based buffer overflow. This occurs through the manipulation of the PPPOEPassword argument within the formQuickIndex function, located in th...

PT-2026-28700

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.19 Description A flaw exists in the Tenda AC15 router that allows remote attackers to trigger a stack-based buffer overflow. The issue is located within the POST Request Handler component, specifically in the...

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from improper handling of parameters in the file/goform/WifiWpsOOB, which may lead to a stack buffer overflow...

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from improper handling of parameters WANT/WANS in files located at goform/WizardHandle, which may lead to a stack buffer overflow...

Important: libtiff

Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages: libtiff...

PT-2026-28754

Name of the Vulnerable Software and Affected Versions Tenda FH1201 version 1.2.0.14408 Description A flaw exists in the Tenda FH1201 that may allow for remote execution of code. The issue is located within the formWrlExtraSet function of the /goform/WrlExtraSet file, part of the Parameter Handler...

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.19 of the Tenda AC15 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/setcfm, specifically funcpara1. It may lead to a stack-based buffer...

Linux Distros Unpatched Vulnerability : CVE-2026-33532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior...

CVE-2026-4905 Tenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack-based overflow

A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible...

CVE-2026-4905 Tenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack-based overflow

A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible...

CVE-2026-4905

CVE-2026-4905 affects Tenda AC5 firmware version 15.03.06.47. The vulnerability lies in the POST Request Handler’s function formWifiWpsOOB (file /goform/WifiWpsOOB), where manipulating the argument index leads to a stack-based buffer overflow. Remote exploitation is possible, and the exploit has ...

CVE-2026-4904 Tenda AC5 POST Request setcfm formSetCfm stack-based overflow

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

CVE-2026-4904 Tenda AC5 POST Request setcfm formSetCfm stack-based overflow

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

CVE-2026-4904

CVE-2026-4904 affects Tenda AC5 firmware version 15.03.06.47. The flaw resides in the POST handler’s /goform/setcfm function SetCfm, where manipulation of the funcpara1 argument can trigger a stack-based buffer overflow. Exploitation is possible remotely, and public exploit disclosure is noted. T...

CVE-2026-4904

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

CVE-2026-4903

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

CVE-2026-4902 Tenda AC5 POST Request addressNat fromAddressNat memory corruption

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...