CVE-2025-41766

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise...

CVE-2025-41766 Stack buffer overflow on parsing web request

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise...

CVE-2025-41766 Stack buffer overflow on parsing web request

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise...

CVE-2026-3808

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

CVE-2026-3810

A vulnerability has been found in Tenda FH1202 1.2.0.14408. This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVE-2026-3808

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

CVE-2026-3809

A flaw has been found in Tenda FH1202 1.2.0.14408. The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2026-3810

A vulnerability has been found in Tenda FH1202 1.2.0.14408. This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVE-2026-3697

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

CVE-2026-3810 Tenda FH1202 DhcpListClient fromDhcpListClient stack-based overflow

A vulnerability has been found in Tenda FH1202 1.2.0.14408. This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVE-2026-3810 Tenda FH1202 DhcpListClient fromDhcpListClient stack-based overflow

A vulnerability has been found in Tenda FH1202 1.2.0.14408. This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVE-2026-3810

The CVE-2026-3810 entry concerns Tenda FH1202 firmware 1.2.0.14(408). The vulnerability lies in the function fromDhcpListClient in /goform/DhcpListClient, where manipulation of the argument page triggers a stack-based buffer overflow. This enables remote exploitation, with the exploit already dis...

CVE-2026-3809

CVE-2026-3809 affects the Tenda FH1202 with firmware 1.2.0.14(408). The vulnerable element is the function fromNatStaticSetting in /goform/NatSaticSetting. Manipulating the argument page can cause a stack-based buffer overflow. The attack may be launched remotely and an exploit has been published...

CVE-2026-3809 Tenda FH1202 NatSaticSetting fromNatStaticSetting stack-based overflow

A flaw has been found in Tenda FH1202 1.2.0.14408. The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2026-3809

A flaw has been found in Tenda FH1202 1.2.0.14408. The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2026-3807

A security vulnerability has been detected in Tenda FH1202 1.2.0.14408. Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mitssid/mitssidindex leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...

CVE-2026-3808 Tenda FH1202 webtypelibrary formWebTypeLibrary stack-based overflow

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

CVE-2026-3808

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

CVE-2026-3808 Tenda FH1202 webtypelibrary formWebTypeLibrary stack-based overflow

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

CVE-2026-3808

CVE-2026-3808 affects Tenda FH1202 (firmware 1.2.0.14(408)). The vulnerability is in the function formWebTypeLibrary of /goform/webtypelibrary; manipulating the webSiteId argument triggers a stack-based buffer overflow. Exploitation is possible remotely and the exploit is public. CVSS data from V...