CVE-2024-2490

A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched...

CVE-2024-2490

CVE-2024-2490 affects Tenda AC18 with firmware 15.03.05.05. The vulnerability is a stack-based buffer overflow in the setSchedWifi function (/goform/openSchedWifi) caused by improper handling of schedStartTime/schedEndTime, exploitable remotely and publicly disclosed. There is no confirmed patch ...

CVE-2024-2487

A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack can be initiated...

CVE-2024-2489 Tenda AC18 SetNetControlList formSetQosBand stack-based overflow

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has...

CVE-2024-2488

CVE-2024-2488 affects Tenda AC18 (firmware 15.03.05.05). The issue is a stack-based buffer overflow in the startIP parameter of the function formSetPPTPServer in /goform/SetPptpServerCfg . It can be exploited remotely and has been publicly disclosed, with potential impact on confidentiality, inte...

CVE-2024-2487

CVE-2024-2487 affects the Tenda AC18 router (version 15.03.05.05). The vulnerability is in the function formSetDeviceName of the file /goform/SetOnlineDevName, where manipulating the devName/mac arguments causes a stack-based buffer overflow. Impact details per sources indicate the issue can be e...

CVE-2024-2486

A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. Th...

CVE-2024-2486

CVE-2024-2486 affects Tenda AC18 firmware version 15.03.05.05. The issue is a stack-based buffer overflow in the formQuickIndex function of /goform/QuickIndex caused by manipulating the PPPOEPassword parameter. The vulnerability can be exploited remotely, and public exploits have been disclosed (...

CVE-2024-2485

A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speeddir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

CVE-2024-2485

The CVE-2024-2485 issue affects Tenda AC18, version 15.03.05.05, specifically the function formSetSpeedWan in the /goform/SetSpeedWan endpoint. A vulnerability in the speed_dir argument causes a stack-based buffer overflow, which can be exploited remotely and may impact confidentiality, integrity...

Debian dla-3762 : unadf - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3762 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3762-1 [email protected]...

Stack-based Buffer Overflow

libmicrohttpd.so is vulnerable to a Stack-based Buffer Overflow. The vulnerability is due to boundary error when handling overly long authentication headers inthe MHDdigestauthcheck function. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a...

CVE-2024-22039

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions IP8, Cerberus PRO EN Fire Panel FC72x IP6 All versions IP6 SR3, Cerberus PRO EN Fire Panel FC72x IP7 All versions IP7 SR5, Cerberus PRO EN X200 Cloud Distribution IP7 All versions V3.0.6602, Cerberus PRO EN X200...

CVE-2024-22039

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions IP8, Cerberus PRO EN Fire Panel FC72x IP6 All versions IP6 SR3, Cerberus PRO EN Fire Panel FC72x IP7 All versions IP7 SR5, Cerberus PRO EN X200 Cloud Distribution IP7 All versions V3.0.6602, Cerberus PRO EN X200...

CVE-2024-25331

DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution RCE vulnerability elevated from HNAP Stack-Based Buffer Overflow...

CVE-2024-25331

DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution RCE vulnerability elevated from HNAP Stack-Based Buffer Overflow...

Dassault Systèmes eDrawings Viewer JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes SolidWorks eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Dassault Systèmes eDrawings X_T File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Stack overflow

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...

CVE-2024-1220 NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of...