CVE-2024-0534

The CVE-2024-0534 entry relates to Tenda A15 (Web-based Management Interface). A stack-based buffer overflow is triggered by manipulating the mac argument in the /goform/SetOnlineDevName function, allowing remote exploitation. Multiple connected sources confirm remote-exploit potential and that d...

CVE-2024-0533

CVE-2024-0533 affects Tenda A15 firmware 15.13.07.13 through the Web-based Management Interface, specifically the /goform/SetOnlineDevName handler. The root cause is a stack-based buffer overflow triggered by the devName parameter due to improper input validation. This vulnerability can be exploi...

CVE-2024-0533 Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The...

CVE-2024-0532

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function setrepeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g/wpapskcrypto5g leads to...

Stack overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects unknown code of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g leads to stack-based buffer overflow. Th...

Stack overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible t...

CVE-2024-0532

CVE-2024-0532 affects Tenda A15 (version 15.13.07.13) Web-based Management Interface: the WifiExtraSet function set_repeat5, when handling wpapsk_crypto2_4g/wpapsk_crypto5g, can cause a stack-based buffer overflow. The issue is exploitable remotely and has publicly disclosed exploits. Connected d...

CVE-2024-0532 Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function setrepeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g/wpapskcrypto5g leads to...

CVE-2024-0532 Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function setrepeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g/wpapskcrypto5g leads to...

CVE-2024-0531 Tenda A15 Web-based Management Interface setBlackRule stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible t...

CVE-2024-0531 Tenda A15 Web-based Management Interface setBlackRule stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible t...

CVE-2024-0531

The CVE-2024-0531 issue affects Tenda A15 Web-based Management Interface, specifically the unknown part of the file /goform/setBlackRule . The vulnerability arises from manipulating the deviceList parameter, causing a stack-based buffer overflow that can be triggered remotely. Reported impact inc...

CVE-2023-20195

Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...

CVE-2023-20074

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due...

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due...

CVE-2023-20074

CVE-2023-20074 : Cisco Firepower Management Center (FMC) web-based management interface is affected by multiple stored XSS vulnerabilities caused by insufficient validation of user-supplied input. An unauthenticated, remote attacker could inject crafted input into data fields to execute arbitrary...

CVE-2023-20206

Cisco Firepower Management Center (FMC) web-based management interface is affected by stored cross-site scripting (XSS) vulnerabilities due to insufficient input validation. An unauthenticated, remote attacker could insert crafted input in various interface fields to execute arbitrary script code...

Design/Logic Flaw

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. These notifications can then be used to phish users or trick them into downloading...

CVE-2023-43510 Authenticated Remote Command Injection in ClearPass Policy Manager Web-Based Management Interface Leading to Partial System Compromise

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system...

CVE-2023-43508 Authorization Bypass Leading to Privilege Escalation in ClearPass Policy Manager Web-Based Management Interface

Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an attacker to...