17 matches found
CVE-2026-8263
A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...
CVE-2026-8263 Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection
A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...
CVE-2026-8263 Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection
A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...
CVE-2026-8263
The CVE affects Tenda AC6 (firmware 15.03.06.49_multi_TDE01) where the fromSetWirelessRepeat function in /goform/WifiExtraSet within the httpd component is vulnerable. Manipulating the mac/ssid arguments enables an OS command injection, allowing remote exploitation. Public exploits have been rele...
CVE-2026-2877
A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapskcrypto5g leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2026-2877 Tenda A18 Httpd Service WifiExtraSet strcpy stack-based overflow
A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapskcrypto5g leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2026-2877
The CVE-2026-2877 affects Tenda A18 (firmware 15.13.07.13) in the Httpd Service’s /goform/WifiExtraSet endpoint. The issue is a stack-based overflow due to unsafe handling of strcpy on the wpapsk_crypto5g parameter, enabling remote initiation of an attack. Public disclosures exist (including NVD,...
Tenda A18 安全漏洞
The Tenda A18 is a AC1200 dual-band Wi-Fi repeater produced by the Chinese company Tenda. Version 15.13.07.13 of the Tenda A18 contains a security vulnerability. This vulnerability stems from the strcopy function in the /goform/WifiExtraSet file, which exhibits a stack buffer overflow issue due t...
CVE-2026-1420 Tenda AC23 WifiExtraSet buffer overflow
A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapskcrypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...
PT-2026-4723
Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A buffer overflow flaw exists in the Tenda AC23 router. The issue is due to the manipulation of the wpapsk crypto argument within the /goform/WifiExtraSet file. This allows for remote exploitation. Th...
CVE-2025-10838 Tenda AC21 WifiExtraSet sub_45BB10 buffer overflow
A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function sub45BB10 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-10838 Tenda AC21 WifiExtraSet sub_45BB10 buffer overflow
A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function sub45BB10 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-10838
CVE-2025-10838 affects the Tenda AC21 router (firmware 16.03.08.16). The vulnerability resides in the function sub_45BB10 in the file /goform/WifiExtraSet, where manipulation of the wpapsk_crypto argument allows a buffer overflow. This can be exploited remotely and publicly available exploit code...
Tenda FH1205 Buffer Overflow Vulnerability
The Tenda FH1205 is a wireless router from Tenda China. The Tenda FH1205 version 2.0.0.7775 suffers from a buffer overflow vulnerability that originates from the parameter wpapskcrypto in the file /goform/WifiExtraSet, which fails to correctly validate the length of the input data, which can be...
Tenda AC6 安全漏洞
Tenda AC6 is a dual-band wireless router from China's Tenda Tenda in 2016. Tenda AC6 suffers from a buffer overflow vulnerability, which originates from some unknown features of /goform/WifiExtraSet, and can be exploited by an attacker to execute arbitrary code by manipulating the parameter...
Tenda A15 安全漏洞
Tenda A15 is a WiFi extender from Tenda China. A buffer overflow vulnerability exists in Tenda A15 version 15.13.07.13, which originates from the wpapskcrypto24g parameter of the /goform/WifiExtraSet file that fails to correctly validate the length of the input data, and can be exploited by a...
Tenda AC9 缓冲区错误漏洞
Tenda AC9 is a wireless router from Tenda, China. A security vulnerability exists in the Tenda AC9, which is caused by a buffer overflow in the wpapskcrypto parameter of /goform/WifiExtraSet...