CVE-2025-15356

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit...

Tenda AC20 安全漏洞

Tenda AC20 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC20 16.03.08.12 and earlier versions, which originates from incorrect operation of the parameters powerSavingEn/time/powerSaveDelay/ledCloseType in the file /goform/PowerSaveSet, which may result in a buff...

PT-2025-54177

Name of the Vulnerable Software and Affected Versions Tenda AC20 versions prior to 16.03.08.12 Description A buffer overflow issue exists in Tenda AC20 routers. The issue is located in the sscanf function within the /goform/PowerSaveSet file. Manipulation of the powerSavingEn, time, powerSaveDela...

CVE-2025-14656

A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing a manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has been made availab...

Tenda AC20 安全漏洞

Tenda AC20 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC20 version 16.03.08.12, which stems from an incorrect manipulation of the parameter list in the file /goform/setPptpUserList, which could result in a stack buffer overflow...

Tenda AC20 缓冲区错误漏洞

Tenda AC20 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC20 version 16.03.08.12, which originates from the incorrect operation of the parameter rebootTime in the file /goform/SetSysAutoRebbotCfg, which may result in a stack buffer overflow...

Tenda AC20 安全漏洞

Tenda AC20 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC20 version 16.03.08.12 and earlier, which stems from an incorrect operation of the parameter wpapskcrypto in the file /goform/WifiExtraSet, which may result in a buffer overflow...

EUVD-2025-24671

Malicious code in bioql PyPI...

EUVD-2025-25104

Malicious code in bioql PyPI...

EUVD-2025-25103

Malicious code in bioql PyPI...

Tenda AC20 Buffer Overflow Vulnerability

Tenda AC20 is a wireless router product from Tenda. A buffer overflow vulnerability exists in Tenda AC20 16.03.08.12 and earlier versions, which originates from the improper handling of the mac parameter in the strcpy function in the /goform/GetParentControlInfo file. The vulnerability can be...

Tenda AC20 安全漏洞

Tenda AC20 is a wireless router product from Tenda. A buffer overflow vulnerability exists in Tenda AC20 16.03.08.12 and earlier versions, which originates from the improper handling of the mac parameter in the strcpy function in the /goform/GetParentControlInfo file. The vulnerability can be...

Tenda AC20 16.03.08.12 Command Injection

Tenda AC20 version 16.03.08.12 suffers from a command injection vulnerability in /goform/telnet...

CVE-2025-9091

A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etcro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high...

CVE-2025-9090

CVE-2025-9090 affects Tenda AC20 router (firmware 16.03.08.12). The flaw is in the Telnet Service: the websFormDefine function in /goform/telnet allows remote command injection. Public exploitation exists (exploit code and PoC references in multiple sources), enabling arbitrary command execution ...

CVE-2025-9088

A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function savevirtualserdata of the file /goform/formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed t...

CVE-2025-9087 Tenda AC20 SetNetControlList Endpoint set_qosMib_list stack-based overflow

A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...

PT-2025-33608 · Tenda · Tenda Ac20

Name of the Vulnerable Software and Affected Versions: Tenda AC20 version 16.03.08.12 Description: A security flaw has been discovered in Tenda AC20. The vulnerability affects an unknown functionality of the file /etc ro/shadow. Manipulation of this file leads to the disclosure of hard-coded...

PT-2025-33606 · Tenda · Tenda Ac20

Name of the Vulnerable Software and Affected Versions: Tenda AC20 version 16.03.08.12 Description: A vulnerability exists in the sub 48E628 function of the /goform/SetIpMacBind file. Manipulation of the argument list leads to a stack-based buffer overflow, potentially allowing for remote...

PT-2025-33475 · Tenda · Tenda Ac20

Name of the Vulnerable Software and Affected Versions: Tenda AC20 version 16.03.08.12 Description: A stack-based buffer overflow issue was identified in the sub 46A2AC function of the /goform/setMacFilterCfg file. The manipulation of the deviceList argument leads to this overflow, and the attack...