CVE-2026-5830

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-5830 Tenda AC15 SysToolChangePwd websGetVar stack-based overflow

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-5830 Tenda AC15 SysToolChangePwd websGetVar stack-based overflow

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-4254

A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local2c causes stack-based buffer overflow. The attack can be initiated remotel...

EUVD-2026-12488

A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local2c causes stack-based buffer overflow. The attack can be initiated remotel...

CVE-2026-4254

A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local2c causes stack-based buffer overflow. The attack can be initiated remotel...

CVE-2026-4254

The CVE-2026-4254 entry affects Tenda AC8 firmware up to version 16.03.50.11. The vulnerability is in the HTTP Endpoint component, specifically the doSystemCmd function in /goform/SysToolChangePwd, where manipulating the local_2c argument triggers a stack-based buffer overflow. The issue can be e...

Tenda AC8 安全漏洞

The Tenda AC8 is a wireless router produced by the Chinese company Tenda. Versions of the Tenda AC8 prior to 16.03.50.11 contained a security vulnerability. This vulnerability stemmed from incorrect handling of parameters in the file/goform/SysToolChangePwd, specifically local2c. It could lead to...

CVE-2025-2995

A vulnerability has been found in Tenda FH1202 1.2.0.14408 and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely...

CVE-2022-47116

Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd...

Stack overflow

Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd...

CVE-2019-19516

Intelbras WRN 150 1.0.18 devices allow CSRF via GO=systempassword.asp to the goform/SysToolChangePwd URI to change a password...

PT-2019-15863 · Intelbras · Intelbras Wrn 150

Name of the Vulnerable Software and Affected Versions: Intelbras WRN 150 version 1.0.18 Description: The issue allows for cross-site request forgery CSRF attacks, which can be used to change a password. This can be achieved by accessing the goform/SysToolChangePwd URI with GO=system password.asp...