CVE-2024-0572

Totolink LR1200GB is affected by CVE-2024-0572: a buffer overflow in the setOpModeCfg function (file /cgi-bin/cstecgi.cgi) triggered by manipulating the pppoeUser parameter. This leads to a stack-based overflow and enables remote code execution. The vulnerability is publicly disclosed and has bee...

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service DoS condition and remote code execution RCE. "The two issues are fundamentally the same but exploitable at differen...

CVE-2024-0571

Totolink LR1200GB (version 9.1.0u.6619_B20230130) contains a stack-based buffer overflow in the function setSmsCfg of /cgi-bin/cstecgi.cgi. The vulnerability is triggered by manipulating the text argument, enabling remote exploitation and potentially arbitrary code execution or denial of service....

EulerOS 2.0 SP11 : file (EulerOS-SA-2023-3004)

According to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project. CVE-2022-48554...

CVE-2023-7206 Horner Automation Cscape Stack-Based Buffer Overflow

In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape...

CVE-2024-0541

A vulnerability was found in Tenda W9 1.0.0.74456. It has been declared as critical. Affected by this vulnerability is the function formAddSysLogRule of the component httpd. The manipulation of the argument sysRulenEn leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2024-0540

A vulnerability was found in Tenda W9 1.0.0.74456. It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has bee...

Stack overflow

A vulnerability was found in Tenda W9 1.0.0.74456. It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has bee...

Stack overflow

A vulnerability was found in Tenda W9 1.0.0.74456. It has been declared as critical. Affected by this vulnerability is the function formAddSysLogRule of the component httpd. The manipulation of the argument sysRulenEn leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2024-0542

CVE-2024-0542 concerns a stack-based buffer overflow in the Tenda W9 1.0.0.7(httpd) through the function formWifiMacFilterGet, triggered by manipulating the index parameter. Multiple connected sources (CNVD CNVD-2024-14312, CNVD/RedHat/other records) consistently describe a network-exposed vulner...

CVE-2024-0539

CVE-2024-0539 affects Tenda W9 v1.0.0.7(4456) via the httpd component’s formQosManage_user function. The vulnerability is a stack-based overflow triggered by manipulating the ssidIndex argument, allowing remote exploitation. Publicly disclosed exploit details exist, and multiple sources (NVD, CNV...

CVE-2024-0536

A vulnerability, which was classified as critical, has been found in Tenda W9 1.0.0.74456. Affected by this issue is the function setWrlAccessList of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be launched remotely. The...

Stack overflow

A vulnerability has been found in Tenda W9 1.0.0.74456 and classified as critical. This vulnerability affects the function formQosManageauto of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

CVE-2024-0537

The CVE-2024-0537 issue affects Tenda W9 1.0.0.7(4456) in the httpd component, specifically the setWrlBasicInfo function. The root cause is a stack-based buffer overflow triggered by manipulating the ssidIndex argument, enabling remote attack and potential arbitrary code execution. The vulnerabil...

CVE-2024-0537 Tenda W9 httpd setWrlBasicInfo stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda W9 1.0.0.74456. This affects the function setWrlBasicInfo of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has...

CVE-2024-0536

CVE-2024-0536 affects Tenda W9 (firmware 1.0.0.7/4456) with a vulnerability in httpd.setWrlAccessList. The root cause is a stack-based buffer overflow triggered by manipulating the ssidIndex argument, enabling a remote attacker to potentially execute arbitrary code. Public disclosure of the explo...

CVE-2024-0534

A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch...

Stack overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The...

CVE-2024-0535 Tenda PA6 httpd portmap cgiPortMapAdd stack-based overflow

A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. T...

CVE-2024-0533

CVE-2024-0533 affects Tenda A15 firmware 15.13.07.13 through the Web-based Management Interface, specifically the /goform/SetOnlineDevName handler. The root cause is a stack-based buffer overflow triggered by the devName parameter due to improper input validation. This vulnerability can be exploi...