CVE-2026-3970 Tenda i3 wifiSSIDget formwrlSSIDget stack-based overflow

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-3970

CVE-2026-3970 affects Tenda i3 1.0.0.6(2204). The vulnerability is in the function formwrlSSIDget of the file /goform/wifiSSIDget, where manipulation of the argument index can trigger a stack-based buffer overflow . It can be exploited remotely, and a working exploit has been published. The provi...

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicly reported vulnerability. An attacker who successfully exploited these vulnerabilities could cause a crash, denial-of-service DoS, or potentially...

PT-2026-24916

A weakness has been identified in Tenda W3 1.0.0.32204. Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch t...

CVE-2026-25823

Affected products: HMS Networks Ewon Flexy (firmware before 15.0s4) and Cosy+ (firmware before 22.1s6 and before 23.0s3). Issue: stack buffer overflow in the affected WEB/firmware stack leads to Denial of Service, with potential for Unauthenticated Remote Code Execution. Root cause: insufficient ...

PT-2026-24931

A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...

PT-2026-24907

A vulnerability was determined in Tenda W3 1.0.0.32204. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out...

PT-2026-24915

A security flaw has been discovered in Tenda W3 1.0.0.32204. This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component POST Parameter Handler. Performing a manipulation of the argument wl radio results in stack-based buffer overflow. It is possible...

PT-2026-24903

A vulnerability has been found in Tenda i3 1.0.0.62204. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has bee...

PT-2026-24961

A security vulnerability has been detected in Tenda i12 1.0.0.62204. The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclos...

CVE-2026-25823

HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...

Tenda i3 安全漏洞

The Tenda i3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “index/GO” in the file/goform/wifiSSIDset, which may lead to a stack buffe...

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters ping1/ping2 in the file/goform/setAutoPing, which may lead to a stack buffer...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/setcfm, specifically parameter funcpara1, which may lead to a stack buffe...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/WifiMacFilterGet, specifically the wlradio parameter, which may lead to a...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/formEasySetupWizard3, specifically the parameter “wanconnected”. This...

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the component POST Parameter Handler, specifically the...

flatted 安全漏洞

Flatted is a lightweight and fast cycle-based JSON parser developed by Andrea Giammarchi. Versions of Flatted prior to 3.4.0 contained a security vulnerability. This vulnerability stemmed from the recursive depth of the parse function when handling specially crafted payloads, which could lead to ...

Tenda W3 安全漏洞

Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameter index in the component POST Parameter Handler, specifically in the file/goform/wifiSSIDget...

PT-2026-24902

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...