20680 matches found
EUVD-2026-43301
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-15543
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-15543
The CVE-2026-15543 entry concerns Tenda CH22 firmware 1.0.0.1. The vulnerability affects the function formCertListInfo in /goform/CertListInfo, where manipulating the Name argument triggers a buffer overflow. This is a remote-exploit scenario, with public exploits cited. The available sources pro...
CVE-2026-15543 Tenda CH22 CertListInfo formCertListInfo buffer overflow
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
Tenda AC15 AC1900 version 15.03.05.19 - Command Injection
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. id: CVE-2020-10987 info: name: Tenda AC15 AC1900 version 15.03.05.19 - Command Injection author: pussycat0x severity: critical...
Tenda 11N - Authentication Bypass
Tenda 11N with firmware version V5.07.33cn contains an authentication bypass vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-42233 info: name: Tenda 11N -...
Tenda AC1200 V-W15Ev2 - Authentication Bypass
The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The...
PT-2026-57617
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
Tenda Router AC11 - Remote Command Injection
Tenda Router AC11 is susceptible to remote command injection vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. id: CVE-2021-31755 info: name: Tenda Router AC11 - Remote Comman...
EUVD-2026-42647
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request...
EUVD-2026-42643
Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests including DESCRIBE, SETUP, and PLAY methods. When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting...
EUVD-2026-42644
Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...
EUVD-2026-42646
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted second SETUP request. After completing the OPTIONS, DESCRIBE, and a legitimate first SETUP request to obtain a...
EUVD-2026-42645
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL fiel...
EUVD-2026-42649
An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 causes the device to abruptly terminate the TCP connection with a RST packet when a request containing an oversized field value is received, without returning any RFC 2326-compliant error response...
EUVD-2026-42648
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.991 allows an unauthenticated remote attacker to cause a denial of service via a crafted TEARDOWN request...
CVE-2026-51605
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.991 allows an unauthenticated remote attacker to cause a denial of service via a crafted TEARDOWN request...
CVE-2026-51606
An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 causes the device to abruptly terminate the TCP connection with a RST packet when a request containing an oversized field value is received, without returning any RFC 2326-compliant error response...
CVE-2026-51604
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request...
CVE-2026-51603
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted second SETUP request. After completing the OPTIONS, DESCRIBE, and a legitimate first SETUP request to obtain a...