Lucene search
K

240 matches found

Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29215

SQL inyection SQLi vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database.Specifically, they could manipulate the value of the 'timezone' request parameter by includin...

9.3CVSS6.2AI score0.00345EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/18 4:45 p.m.4 views

CVE-2026-20139

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below 10.2.2510.3, 10.1.2507.8, 10.0.2503.9, and 9.3.2411.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload into the...

4.3CVSS5.5AI score0.05145EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2026/02/10 7:33 a.m.9 views

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

9CVSS5.6AI score0.00622EPSS
Exploits1References1
NVD
NVD
added 2026/02/09 3:16 a.m.6 views

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

9CVSS0.00622EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/09 2:2 a.m.3 views

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

9CVSS8.2AI score0.00622EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.11 views

Tenda AC8 安全漏洞

The Tenda AC8 is a wireless router produced by the Chinese company Tenda. Version 16.03.33.05 of the Tenda AC8 contains a security vulnerability. This vulnerability stems from incorrect handling of the file/goform/fast-settingwifi-set parameter timeZone in the Embedded Httpd Service component,...

9CVSS7.7AI score0.00622EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.10 views

PT-2026-6986

Name of the Vulnerable Software and Affected Versions Tenda AC8 version 16.03.33.05 Description A buffer overflow issue exists in the Embedded Httpd Service component of Tenda AC8. The flaw is located in the file '/goform/fast setting wifi set' and is triggered by manipulating the timeZone...

9CVSS5.5AI score0.00622EPSS
Exploits1References8
OSV
OSV
added 2026/01/16 4:15 p.m.7 views

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS5.9AI score0.00401EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Tenda AX1806 security vulnerabilities

The Tenda AX1806 is a WiFi6 wireless router produced by the Chinese company Tenda. The Tenda AX1806 v1.0.0.1 version has a security vulnerability. This vulnerability stems from a stack overflow in the timeZone parameter of the fromSetSysTime function, which may allow for a denial-of-service attac...

7.5CVSS5.8AI score0.00401EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/16 12:0 a.m.3 views

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.2AI score0.00401EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.10 views

PT-2026-3258

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.00401EPSS
Exploits1References2
CVE
CVE
added 2026/01/16 12:0 a.m.15 views

CVE-2025-70746

CVE-2025-70746 affects Tenda AX-1806 v1.0.0.1. The vulnerability is a stack overflow in the timeZone parameter of the fromSetSysTime function, which can cause a Denial of Service (DoS) when processing a crafted request. The connected sources describe the same issue but do not provide details on a...

7.5CVSS7.2AI score0.00401EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.6 views

CVE-2022-26991

Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS8.6AI score0.02718EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/20 2:32 a.m.4 views

CVE-2025-13446 Tenda AC21 SetSysTimeCfg stack-based overflow

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...

9CVSS8.8AI score0.03473EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/31 9:31 p.m.7 views

EUVD-2025-37397

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the formfastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.1AI score0.00362EPSS
Exploits1References2
OSV
OSV
added 2025/10/31 7:15 p.m.6 views

CVE-2025-63458

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the formfastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS5.9AI score0.00362EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/31 12:0 a.m.4 views

CVE-2025-63458

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the formfastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.2AI score0.00362EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.5 views

Tenda AX-1803 安全漏洞

The Tenda AX-1803 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in the Tenda AX-1803 v1.0.0.1, which originates from the timeZone parameter in the formfastsettingwifiset function that fails to correctly validate the length of the input data, and can be...

7.5CVSS8.2AI score0.00362EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/31 12:0 a.m.8 views

CVE-2025-63458

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the formfastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

0.00362EPSS
Exploits1References1
CNVD
CNVD
added 2025/10/13 12:0 a.m.4 views

Tenda AC20 sscanf function buffer overflow vulnerability

Tenda AC20 is a home router from Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability, which originates from the incorrect operation of the sscanf function parameter timeZone in the file /goform/fastsettingwifiset, for which no detailed vulnerability details are available at this ti...

9CVSS7.6AI score0.00739EPSS
Exploits1References1
Rows per page
Query Builder