21 matches found
Tenda W20E 安全漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The version Tenda W20E V4.0brV15.11.0.6 contains a security vulnerability. This vulnerability arises from the lack of size validation before connecting to gstup and gstdwn, which may lead to a buffer overflow...
Tenda W20E 安全漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The Tenda W20E V4.0brV15.11.0.6 version contains a security vulnerability. This vulnerability stems from the unvalidated use of the usbPartitionName parameter, which may lead to key command injection...
Tenda W20E 安全漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The Tenda W20E V4.0brV15.11.0.6 version contains a security vulnerability. This vulnerability stems from the lack of verification of the picName parameter’s size, which may lead to a buffer overflow...
EUVD-2022-44125
Malicious code in bioql PyPI...
EUVD-2022-44124
Malicious code in bioql PyPI...
EUVD-2022-44123
Malicious code in bioql PyPI...
CVE-2022-40855
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service DoS or Remote Code Execution RCE via the portMappingServer, portMappingProtocol, portMappingWan,...
CVE-2022-40867
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/...
Tenda W20E formSetDebugCfg function enable parameter command injection vulnerability
The Tenda W20E is a router from the Chinese company Tenda. The Tenda W20E suffers from a command injection vulnerability that stems from the formSetDebugCfg function enable parameter failing to properly filter construct command special characters, commands, and so on. No detailed vulnerability...
The vulnerability of the formSetStaticRoute() function in the Tenda W20E wireless Wi-Fi router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formSetStaticRoute function in the Tenda W20E wireless Wi-Fi router software lies in the reading of data beyond the buffer in memory during the processing of parameters such as staticRouteNet, staticRouteMask, staticRouteGateway, and staticRouteWAN. Exploiting this...
The vulnerability of the `formSetRemoteWebManage` function in the Tenda W20E router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetRemoteWebManage function in the Tenda W20E router software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information by sending specially...
CVE-2022-40868
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/...
CVE-2022-40855
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service DoS or Remote Code Execution RCE via the portMappingServer, portMappingProtocol, portMappingWan,...
CVE-2022-40866
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/...
CVE-2022-40866
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/...
CVE-2022-40866
The CVE-2022-40866 entry pertains to the Tenda W20E router (version V15.11.0.6). A stack overflow vulnerability exists in the formSetDebugCfg function triggered by the request to /goform/setDebugCfg/. Public sources indicate the issue stems from insufficient input size checks, enabling potential ...
CVE-2022-40867
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/...
CVE-2022-40867
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/...
CVE-2022-40868
Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/...
PT-2022-25584 · Tenda · Tenda W20E
Name of the Vulnerable Software and Affected Versions: Tenda W20E router version 15.11.0.6 Description: The issue is related to a stack overflow in the formSetPortMapping function, which can be triggered by a POST request to the "goform/setPortMapping/" endpoint. This allows attackers to...