TOTOLINK A3002MU 安全漏洞

Totolink A3002MU is a wireless router product that provides network connectivity and wireless access. A stack buffer overflow vulnerability exists in the Totolink A3002MU. The vulnerability stems from a failure to properly handle the wan-url parameter in the HTTP request handling component, which...

CVE-2026-6016 Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

Tenda AC9 安全漏洞

The Tenda AC9 is a wireless router produced by the Chinese company Tenda. Version 15.03.02.13 of the Tenda AC9 contains a security vulnerability. This vulnerability stems from incorrect handling of a parameter named WANS in the file/goform/WizardHandle, which may lead to a stack buffer overflow...

CVE-2025-50647

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint...

PT-2025-37457

Name of the Vulnerable Software and Affected Versions: Tenda AC1206 version 15.03.06.23 Description: A stack-based buffer overflow vulnerability exists in the HTTP Request Handler component of the Tenda AC1206. The vulnerability is located in the check param changed function within the...

CVE-2025-9791

A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made availabl...

CVE-2024-32315

Tenda FH1202 v1.2.0.14408 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function...

Tenda FH1202 安全漏洞

Tenda FH1202 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a total transmission rate of 1200Mbps. The Tenda FH1202 suffers from a buffer overflow vulnerability that originates from the adslPwd parameter of the formWanParameterSetting method failing to correctl...

CVE-2023-40798

In Tenda AC23 v16.03.07.45cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability...

CVE-2022-36571

Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting...

Tenda AX1803 WanParameterSetting function command injection vulnerability

Tenda AX1803 is a dual-band gigabit WIFI6 router from Tenda China.Tenda AX1803 v1.0.0.12890 version of the command injection vulnerability, which stems from the WanParameterSetting function fails to properly filter the construct command special characters, commands, etc.. An attacker could exploi...

CVE-2022-34596

Tenda AX1803 v1.0.0.12890 was discovered to contain a command injection vulnerability via the function WanParameterSetting...

CVE-2022-34597

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting...

CVE-2022-24144

Tenda AX3 v16.03.12.10CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters...

Tenda AC9 Command Injection Vulnerability

Tenda AC9 is a wireless router from Tenda, a Chinese company. An operating system command injection vulnerability exists in the /goform/WanParameterSetting function in the Tenda AC9. The vulnerability arises when the network system or product fails to properly filter special characters, commands,...

CVE-2019-5072

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS2 post...

CVE-2019-5071

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection in the DNS1 post...