CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/12/30 3:30 p.m.•3 views

EUVD-2025-205777

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

9CVSS6.8AI score0.02862EPSS

Exploits1References7

NVD•added 2025/12/30 3:15 p.m.•6 views

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

OSV•added 2025/12/30 3:15 p.m.•4 views

CVE-2025-15253

8.7CVSS6.4AI score

Exploits0References5

Cvelist•added 2025/12/30 3:2 p.m.•23 views

CVE-2025-15253 Tenda M3 exeCommand stack-based overflow

EUVD•added 2025/12/30 3:2 p.m.•3 views

EUVD-2025-205778

9CVSS6.8AI score0.00632EPSS

Exploits1References7

Vulnrichment•added 2025/12/30 3:2 p.m.•5 views

CVE-2025-15253 Tenda M3 exeCommand stack-based overflow

9CVSS7AI score0.00632EPSS

Cvelist•added 2025/12/30 2:32 p.m.•24 views

CVE-2025-15252 Tenda M3 setDhcpAP formSetRemoteDhcpForAp stack-based overflow

9CVSS0.02862EPSS

Vulnrichment•added 2025/12/30 2:32 p.m.•3 views

CVE-2025-15252 Tenda M3 setDhcpAP formSetRemoteDhcpForAp stack-based overflow

9CVSS7AI score0.02862EPSS

CVE•added 2025/12/30 2:32 p.m.•8 views

CVE-2025-15252

Affected product: Tenda M3, version 1.0.0.13(4903). Vulnerable component: function formSetRemoteDhcpForAp in /goform/setDhcpAP. Root cause: manipulation of arguments startip, endip, leasetime, gateway, dns1, dns2 leads to a stack-based buffer overflow. Impact: remote attacker can trigger the over...

9CVSS7AI score0.02862EPSS

Exploits1References5Affected Software1

RedhatCVE•added 2025/12/30 2:5 p.m.•2 views

CVE-2025-15190

A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public...

9CVSS7.1AI score0.00693EPSS

RedhatCVE•added 2025/12/30 9:3 a.m.•6 views

CVE-2025-15180

A vulnerability was identified in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/webExcptypemanFilte of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The...

8.6CVSS7.2AI score0.01005EPSS

RedhatCVE•added 2025/12/30 8:16 a.m.•14 views

CVE-2025-15178

A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/VirtualSer of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has be...

8.6CVSS7.1AI score0.00679EPSS

RedhatCVE•added 2025/12/30 8:16 a.m.•7 views

CVE-2025-15179

A vulnerability was determined in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/qossetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

8.6CVSS7.3AI score0.008EPSS

NVD•added 2025/12/30 8:15 a.m.•3 views

CVE-2025-15232

A vulnerability was identified in Tenda M3 1.0.0.134903. This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit ...

Cvelist•added 2025/12/30 7:32 a.m.•21 views

CVE-2025-15232 Tenda M3 setAdPushInfo formSetAdPushInfo stack-based overflow

Vulnrichment•added 2025/12/30 7:32 a.m.•3 views

CVE-2025-15232 Tenda M3 setAdPushInfo formSetAdPushInfo stack-based overflow

9CVSS7AI score0.00632EPSS

CVE•added 2025/12/30 7:32 a.m.•8 views

CVE-2025-15232

The CVE affects Tenda M3 firmware 1.0.0.13(4903). The bug is in the formSetAdPushInfo function of /goform/setAdPushInfo, where manipulating the mac/terminal argument causes a stack-based buffer overflow. This enables remote exploitation, and an exploit is publicly available. Public sources (PT-20...

9CVSS8.8AI score0.00632EPSS

Exploits1References5Affected Software1

RedhatCVE•added 2025/12/30 7:7 a.m.•10 views

CVE-2025-15177

A vulnerability has been found in Tenda WH450 1.0.0.18. This vulnerability affects unknown code of the file /goform/SetIpBind of the component HTTP Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has be...

8.6CVSS7.2AI score0.00679EPSS

Exploits3References1

Cvelist•added 2025/12/30 7:2 a.m.•25 views

CVE-2025-15231 Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflow

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...