CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

73 matches found

NVD•added 2026/04/27 9:16 a.m.•2 views

CVE-2026-7102

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

8.8CVSS0.01039EPSS

Exploits1References5

Positive Technologies•added 2026/04/27 12:0 a.m.•0 views

PT-2026-35378

6.5CVSS6.3AI score0.01039EPSS

Exploits1References6

CNNVD•added 2026/04/27 12:0 a.m.•4 views

Tenda F456 注入漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a vulnerability caused by the FromWriteFacMac function in the httpd component or the goform/WriteFacMac file. This vulnerability arises from the handling of the parameter “mac” in...

8.8CVSS6.6AI score0.01039EPSS

Exploits1References2

EUVD•added 2026/03/31 12:31 a.m.•1 views

EUVD-2026-17243

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS5.7AI score0.01039EPSS

Exploits1References6

NVD•added 2026/03/30 10:16 p.m.•0 views

CVE-2026-5153

8.8CVSS0.01039EPSS

Exploits1References5

CVE•added 2026/03/30 9:30 p.m.•3 views

CVE-2026-5153

CVE-2026-5153 concerns Tenda CH22 (v1.0.0.1). The flaw is in the function FormWriteFacMac of the file /goform/WriteFacMac. Manipulating the mac argument can lead to arbitrary command execution, potentially exploitable by an attacker over the network. The vulnerability description notes that the a...

8.8CVSS6.4AI score0.01039EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2026/03/30 12:0 a.m.•0 views

PT-2026-29131

6.5CVSS5.7AI score0.01039EPSS

Exploits1References7

CNNVD•added 2026/03/30 12:0 a.m.•3 views

Tenda CH22 命令注入漏洞

The Tenda CH22 is a network device produced by the Chinese company Tenda. Version 1.0.0.1 of the Tenda CH22 contains a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “mac” in the function FormWriteFacMac defined in the file/goform/WriteFacMac,...

8.8CVSS6.6AI score0.01039EPSS

Exploits1References6

RedhatCVE•added 2026/03/26 3:15 p.m.•4 views

CVE-2026-4554

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

6.5CVSS6.4AI score0.00227EPSS

Exploits1References1

Vulnrichment•added 2026/03/22 4:51 p.m.•3 views

CVE-2026-4554 Tenda F453 WriteFacMac FormWriteFacMac privilege escalation

6.5CVSS6.4AI score0.00227EPSS

Exploits1References5

CVE•added 2026/03/22 4:51 p.m.•3 views

CVE-2026-4554

CVE-2026-4554 affects Tenda F453 firmware 1.0.0.3. The flaw is in the FormWriteFacMac function of /goform/WriteFacMac, where manipulating the mac argument leads to command injection. Exploitation is reported as remote, and public exploits exist per the cited sources (NVD/Red Hat/EUVD/CVE lists). ...

8.8CVSS6.4AI score0.00227EPSS

Exploits1References5Affected Software1

ATTACKERKB•added 2026/03/22 4:51 p.m.•3 views

CVE-2026-4554

6.5CVSS6.4AI score0.00227EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/03/22 4:51 p.m.•34 views

CVE-2026-4554 Tenda F453 WriteFacMac FormWriteFacMac privilege escalation

6.5CVSS0.00227EPSS

Exploits1References5

Positive Technologies•added 2026/03/22 12:0 a.m.•4 views

PT-2026-27019

6.5CVSS6.4AI score0.00227EPSS

Exploits1References7

CNNVD•added 2026/03/22 12:0 a.m.•2 views

Tenda F453 命令注入漏洞

The Tenda F453 is a wireless router produced by the Chinese company Tenda. The Tenda F453 1.0.0.3 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “mac” in the file/goform/WriteFacMac, which may lead to command injection...

8.8CVSS6.6AI score0.00227EPSS

Exploits1References5

RedhatCVE•added 2025/05/23 9:20 a.m.•2 views

CVE-2024-3009

A vulnerability has been found in Tenda FH1205 2.0.0.7775 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The attack can be launched remotely. The exploit h...

8.8CVSS7.6AI score0.05908EPSS

Exploits1References1

OSV•added 2024/11/02 12:15 p.m.•0 views

CVE-2024-10697

A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The attack can be...

9.8CVSS5.7AI score0.83113EPSS

Exploits1References5

Vulnrichment•added 2024/11/02 12:0 p.m.•15 views

CVE-2024-10697 Tenda AC6 API Endpoint WriteFacMac formWriteFacMac command injection

6.5CVSS10AI score0.83113EPSS

Exploits1References5

Cvelist•added 2024/11/02 12:0 p.m.•17 views

CVE-2024-10697 Tenda AC6 API Endpoint WriteFacMac formWriteFacMac command injection

6.5CVSS0.83113EPSS

Exploits1References5

OSV•added 2024/07/25 10:15 p.m.•1 views

CVE-2024-41473