Stack overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. Affected by this issue is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. The attack may be launched remotely...

Stack overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2024-0998

Totolink N200RE is affected by a stack-based buffer overflow in setDiagnosisCfg when processing the ip parameter in /cgi-bin/cstecgi.cgi (v9.3.5u.6139_B20201216). This vulnerability can be triggered remotely and may lead to code execution or other impacts as described across sources. No official ...

CVE-2024-0997

Totolink N200RE is affected by CVE-2024-0997. The vulnerability resides in the function setOpModeCfg in /cgi-bin/cstecgi.cgi, where manipulating the pppoeUser parameter can cause a stack-based buffer overflow. The issue can be exploited remotely and has been publicly disclosed. Multiple sources c...

CVE-2024-0996

A vulnerability classified as critical has been found in Tenda i9 1.0.0.94122. This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

CVE-2024-0996

CVE-2024-0996 affects Tenda i9 1.0.0.9(4122) via the httpd component, in the function formSetCfm of /goform/setcfm. The root cause is a stack-based buffer overflow triggered by manipulating the funcpara1 argument, enabling a remote attacker to exploit the vulnerability. Public exploits have been ...

CVE-2024-0993

A vulnerability was found in Tenda i6 1.0.0.93857. It has been classified as critical. Affected is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to launch t...

CVE-2024-0995

CVE-2024-0995 affects Tenda W6 firmware 1.0.0.9(4122). The vulnerability lies in the httpd component, in the function formwrlSSIDset (file /goform/wifiSSIDset). Manipulating the index argument causes a stack-based buffer overflow, with remote exploitation potentially possible. Public disclosures ...

CVE-2024-0994

CVE-2024-0994 affects Tenda W6 1.0.0.9(4122). The httpd component’s /goform/setcfm formSetCfm function can be triggered via the funcpara1 parameter to cause a stack-based buffer overflow. Exploitation can be performed remotely, and public disclosures exist. Remediation/advisories in connected dat...

CVE-2024-0993

Tenda i6, version 1.0.0.9(3857), contains a stack-based buffer overflow in httpd’s formWifiMacFilterGet function (/goform/WifiMacFilterGet) triggered by manipulating the index argument. This enables remote exploitation and is supported by public disclosures (CVE-2024-0993). No remediation details...

CVE-2024-0990

A vulnerability, which was classified as critical, was found in Tenda i6 1.0.0.93857. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component httpd. The manipulation of the argument ping1 leads to stack-based buffer overflow. It is possible to initiate the attac...

CVE-2024-0991

A vulnerability has been found in Tenda i6 1.0.0.93857 and classified as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated...

CVE-2024-0992

CVE-2024-0992 affects Tenda i6 1.0.0.9(3857) in the httpd component via the formwrlSSIDset function at /goform/wifiSSIDset. The index argument manipulation leads to a stack-based buffer overflow, enabling remote exploitation (attack vector: network; impact: high confidentiality, integrity, and av...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0962

CVE-2024-0962 affects obgm libcoap 4.3.4. The vulnerability is in the function get_split_entry of src/coap_oscore.c (Configuration File Handler) and leads to a stack-based buffer overflow. The issue is exploitable remotely according to the description, and public disclosure of the exploit is note...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0932

The vulnerability CVE-2024-0932 affects Tenda AC10U (firmware 15.03.06.49_multi_TDE01). The issue is a stack-based buffer overflow in setSmartPowerManagement caused by improper boundary checks on the time argument. It can be triggered remotely, with public exploits disclosed. Impact is described ...

CVE-2024-0931

CVE-2024-0931 affects Tenda AC10U, specifically the saveParentControlInfo function in version 15.03.06.49_multi_TDE01. The vulnerability is a stack-based buffer overflow triggered by manipulating deviceId/time/urls, with remote execution risk and a publicly disclosed exploit. Multiple sources (NV...

CVE-2024-0930

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49multiTDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...