4 matches found
PT-2025-54180
A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...
PT-2025-53720
Name of the Vulnerable Software and Affected Versions Tenda W6-S version 1.0.0.4510 Description A stack-based buffer overflow exists in the R7websSsecurityHandler component of Tenda W6-S. The issue is located in the file /bin/httpd. Manipulation of the Cookie argument can trigger the overflow. Th...
PT-2022-27541 · Tenda · Tenda W6-S
Name of the Vulnerable Software and Affected Versions: Tenda W6-S version 1.0.0.4510 Description: A command injection issue was found in the tpi get ping output function at the "/goform/exeCommand" API endpoint. Recommendations: For Tenda W6-S version 1.0.0.4510, consider disabling the tpi get pi...
PT-2022-27545 · Tenda · Tenda W6-S
Name of the Vulnerable Software and Affected Versions: Tenda W6-S version 1.0.0.4510 Description: A stack overflow issue was discovered, which can be triggered via the linkEn parameter at the "/goform/setAutoPing" API endpoint. Recommendations: For Tenda W6-S version 1.0.0.4510, avoid using the...