Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-18708

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-27 Oct, 2018 | 22:00
Updated At-05 Aug, 2024 | 11:16
Rejected At-
Credits

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:27 Oct, 2018 | 22:00
Updated At:05 Aug, 2024 | 11:16
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.md
x_refsource_MISC
Hyperlink: https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.md
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.md
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.md
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:29 Oct, 2018 | 12:29
Updated At:14 Dec, 2018 | 16:25

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Tenda Technology Co., Ltd.
tenda
>>ac7_firmware>>15.03.06.44_cn
cpe:2.3:o:tenda:ac7_firmware:15.03.06.44_cn:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac7>>-
cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac9_firmware>>15.03.05.19\(6318\)_cn
cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\(6318\)_cn:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac9>>-
cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac10_firmware>>15.03.06.23_cn
cpe:2.3:o:tenda:ac10_firmware:15.03.06.23_cn:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac10>>-
cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac15_firmware>>15.03.05.19_cn
cpe:2.3:o:tenda:ac15_firmware:15.03.05.19_cn:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac15>>-
cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac18_firmware>>15.03.05.19\(6318\)_cn
cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\(6318\)_cn:*:*:*:*:*:*:*
Tenda Technology Co., Ltd.
tenda
>>ac18>>-
cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.mdcve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.md
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

548Records found
CVE-2025-3328
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 39.03%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 00:31
Updated-07 Apr, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC1206 fast_setting_wifi_set form_fast_setting_wifi_set buffer overflow

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac1206ac1206_firmwareAC1206
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11745
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.36% / 57.64%
||
7 Day CHG+0.04%
Published-26 Nov, 2024 | 21:00
Updated-03 Dec, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac8ac8_firmwareAC8ac8_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11248
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.33% / 54.84%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 17:00
Updated-19 Nov, 2024 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10ac10_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-11061
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.83% / 73.58%
||
7 Day CHG+0.06%
Published-11 Nov, 2024 | 00:31
Updated-13 Nov, 2024 | 23:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 fast_setting_wifi_set FUN_0044db3c stack-based overflow

A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10ac10_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0532
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-0.34% / 55.87%
||
7 Day CHG~0.00%
Published-15 Jan, 2024 | 02:00
Updated-14 May, 2025 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapsk_crypto2_4g/wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a15a15_firmwareA15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-44021
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-24 Sep, 2024 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-11056
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.50% / 65.08%
||
7 Day CHG+0.04%
Published-10 Nov, 2024 | 16:31
Updated-14 Nov, 2024 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10ac10_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-1895
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.68%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 01:00
Updated-05 Mar, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 setMacFilterCfg buffer overflow

A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-tx3tx3_firmwareTX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-1899
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.11% / 30.12%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 02:31
Updated-05 Mar, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda TX3 setPptpUserList buffer overflow

A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-tx3tx3_firmwareTX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-44018
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44016
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44013
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44015
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 51.15%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44017
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-8940
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.08% / 25.14%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 05:32
Updated-19 Aug, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC20 saveParentControlInfo strcpy buffer overflow

A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac20_firmwareac20AC20
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-44023
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.15%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-24 Sep, 2024 | 14:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44014
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 51.15%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44020
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-24 Sep, 2024 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44022
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.26%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-24 Sep, 2024 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-44019
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 51.15%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10uac10u_firmwaren/aac10u_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-8178
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.09% / 27.16%
||
7 Day CHG+0.01%
Published-26 Jul, 2025 | 04:32
Updated-01 Aug, 2025 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 RequestsProcessLaid heap-based overflow

A vulnerability classified as critical has been found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /goform/RequestsProcessLaid. The manipulation of the argument device1D leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-5619
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.16% / 37.40%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 23:00
Updated-06 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda CH22 addUserName formaddUserName stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ch22ch22_firmwareCH22
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4368
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.13% / 32.95%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 15:31
Updated-13 May, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8 MtuSetMacWan formGetRouterStatus buffer overflow

A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac8ac8_firmwareAC8
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4007
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.37%
||
7 Day CHG+0.03%
Published-28 Apr, 2025 | 07:31
Updated-30 Jul, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W12/i24 httpd modules cgidhcpsCfgSet stack-based overflow

A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w12i24i24_firmwarew12_firmwareW12i24
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-3693
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.28% / 51.41%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 14:00
Updated-16 Jul, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W12 httpd cgiWifiRadioSet stack-based overflow

A vulnerability was found in Tenda W12 3.0.0.5. It has been rated as critical. Affected by this issue is the function cgiWifiRadioSet of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w12_firmwarew12W12
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-3259
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.20% / 41.85%
||
7 Day CHG~0.00%
Published-04 Apr, 2025 | 17:31
Updated-07 Apr, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-rx3rx3_firmwareRX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0566
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.45% / 62.71%
||
7 Day CHG+0.05%
Published-19 Jan, 2025 | 06:31
Updated-01 Jul, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 SetDevNetName formSetDevNetName stack-based overflow

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac15AC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0349
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.48% / 64.23%
||
7 Day CHG~0.00%
Published-09 Jan, 2025 | 10:31
Updated-22 Mar, 2025 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC6 GetParentControlInfo stack-based overflow

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6_firmwareac6AC6
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0848
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.09% / 25.61%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 01:00
Updated-06 Mar, 2025 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A18 HTTP POST Request SetCmdlineRun stack-based overflow

A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a18_firmwarea18A18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42659
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 42.79%
||
7 Day CHG~0.00%
Published-24 May, 2022 | 11:41
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac9_firmwareac9n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1923
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.8||HIGH
EPSS-1.94% / 82.69%
||
7 Day CHG~0.00%
Published-30 Jun, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-14740
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.98%
||
7 Day CHG~0.00%
Published-29 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in set_field_one in bootstrap.c while making a query.

Action-Not Available
Vendor-pbc_projectn/a
Product-pbcn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2980
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.71% / 71.33%
||
7 Day CHG~0.00%
Published-09 Aug, 2010 | 19:23
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-5508_wireless_controllerunified_wireless_network_solution_softwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2979
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.71% / 71.33%
||
7 Day CHG~0.00%
Published-09 Aug, 2010 | 19:23
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-5508_wireless_controllerunified_wireless_network_solution_softwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1892
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-80.21% / 99.08%
||
7 Day CHG~0.00%
Published-11 Aug, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle malformed IPv6 packets, which allows remote attackers to cause a denial of service (system hang) via multiple crafted packets, aka "IPv6 Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_server_2008windows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-0021
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-69.66% / 98.60%
||
7 Day CHG~0.00%
Published-14 Feb, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2003_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10658
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.65%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.

Action-Not Available
Vendor-axisn/a
Product-p1204_firmwarem1103m1145_firmwarep3915-r_firmwarep3343q1932-e_pt_mountq7411_firmwarexp40-q1942q8414-lvsp3363-veq8655-zle_firmwareq1604-e_firmwareq8685-leq8742-le_zoomp1357-e_firmwarem3105-lve_firmwarep1125-zp1425-le_firmwareq1635_firmwarem1013q7424-r_mk_ii_firmwareq1931-e_pt_mount_firmwareq7401_firmwarecompanion_c360c2005_firmwarep1214-ep5514-e_firmwarep1428-ep3228-lveq1775_firmwareq1604p1346-e_firmwarecompanion_eye_lp1405-em1124q1765-le_pt_mount_firmwarep1364q1647p1344-eq7401q3504-vp3114-zq6045-s_mk_iip3365-vm1033-w_firmwarep5515-eq1941-eq8685-exp60-q1765p1346-eq1602_firmwarep3215-ve_firmwareq6052q8642-e_firmwarem3104-lm3005-vq6045-s_mk_ii_firmwarep3354q1635-zq1614-eq1942-e_pt_mountq6054-e_firmwarem3203-v_firmwarep3301-v_firmwarep3225-v_mk_iip3364-lvp3705-zp1405-leq8721-e_firmwarea8004-v_firmwarep1354_firmwareq6044-em1125-em3106-l_mk_ii_firmwarem3007-pq6045_mk_ii_firmwarexp60-q1765_firmwarep3224-v_mk_iim1025_firmwarem3006-v_firmwarep1224-e_firmwarep1344p3224-lve_firmwareq6032-ea8105-ep1254q1602-ep1126-zlp1425-lep1353q1615-e_mk_ii_firmwareq6045-c_mk_iim1054p1343-ep1346_firmwareq3505-sve_mk_iim3204q1910-ep7216_firmwareq1755_firmwarem3105-l_firmwarep1425-le_mk_ii_firmwarep3707-pe_firmwareq6054_mk_ii_firmwarem3106-lve_mk_ii_firmwarep5532-eq1602q6042-cp3375-vea8105-e_firmwarecompanion_cube_lq1931-e_pt_mountp3225-lve_mk_iip3364-ve_firmwareq2901-e_firmwarep3375-ve_firmwarep1245q1755q3617-ve_firmwarem1054_firmwarep3364-vep5624-e_firmwarem3044-wvp5512-eq6115-e_firmwarep3374-v_firmwareq2901-e_pt_mountp8514_firmwarep3904-r_mk_ii_firmwarem3106-lve_mk_iip3301_firmwarep3344-vcompanion_dome_wvq6114-em1103_firmwarep3344-v_firmwareq3615-vem3114-r_firmwarep5512m1045-lw_firmwareq7414_bladep3224-v_mk_ii_firmwarep3343-vq6035q7436_bladem1125m3016a8004-vq1765-le_firmwareq3505-v_mk_iiq6054-e_mk_ii_firmwareq8741-ep3344-vep3363-v_firmwarep1405-le_mk_iiq6042companion_recorder_4chq8742-e_zoom_firmwarecompanion_bullet_le_firmwarem3046-vp1344-e_firmwarep3344_firmwareq1922q1615-e_firmwarep3374-lv_firmwarep1254_firmwareq1604_firmwareq1614-e_firmwarep3346-vq6055-cp5624-e_mk_iiq6055p3375-lv_firmwareq7436_blade_firmwarep3215-vv5915_firmwareq6042-c_firmwarep1405-le_mk_ii_firmwarem3045-vm3047-p_firmwarem1145m1113-e_firmwarep1355-e_firmwarea9161p3227-lveq6045_mk_iif34_main_unitp5512_firmwarem5065_firmwareq1615-e_mk_iim3044-vp3227-lv_firmwarep3343-ve_firmwarep3365-vecompanion_dome_v_firmwarem3048-p_firmwarep3375-lve_firmwarem3026-veq2901-e_pt_mount_firmwarem1144-lq8722-e_firmwarem5014-v_firmwarem5014q1765-le_pt_mountq8742-em3048-pm3204-v_firmwarep1357-em3106-lvep3905-req1605-zp1125-z_firmwareq6124-e_firmwarep3346p3215-veq6044q1932-eq3709-pved2050-ve_firmwareq3517-lvem1144-l_firmwarem3114-ve_firmwarep5515m2025-le_firmwareq8721-eq7424-rp1435-em3015_firmwarep3225-lv_mk_iixf40-q1765m3106-l_firmwareq6044-sq8631-ep3228-lvp3315-zlq7404_firmwarep1343-e_firmwarep5532xp40-q1765_firmwareq6045-e_firmwarep1343p1365-eq6000-exf60-q2901_firmwarev5914_firmwaref44_dual_audio_inputm3044-v_firmwarep1365-e_mk_iiq3708-pvep3363-ve_firmwarep1280p1353-e_firmwarep1265_firmwarem3106-lp1447-le_firmwarep1290p5532-e_firmwarep7224_blade_firmwareq6055-ecompanion_eye_lve_firmwareq8414-lvs_firmwareq1775-em5014_firmwarem1034-wp1354m2026-le_mk_ii_firmwarem7011_firmwareq6055-e_firmwarem3104-lvep3905-re_firmwareq6045-cxf40-q1765_firmwarep1347-em1114-e_firmwareq6055-c_firmwareq8742-e_firmwarem2014-e_firmwarep3224-lve_mk_iip5534m7016_firmwareq6042-e_firmwarec3003-e_firmwareq6055-sm3026-ve_firmwareq6128-e_firmwarep1405-le_firmwareq7406_bladep3227-lvp7214_firmwarep5534-ep5635-eq8722-eq6045-e_mk_ii_firmwarep3375-v_firmwarec3003-em3024-lveq1910-e_firmwarecompanion_eye_l_firmwarep3346-vep3915-rp1347_firmwarem5055q6044-cc8033p1365-e_firmwarep3314-zl_firmwarep8513_firmwareq3505-v_firmwarep3214-v_firmwarep3224-ve_mk_ii_firmwareq6054_mk_iip3114-z_firmwarem3045-wv_firmwarep5514_firmwareq1910_firmwarem3113-ve_firmwarep8524m3045-v_firmwarep1344_firmwareq6054_firmwarep3905-r_firmwarecompanion_dome_vq6054-eq8675-ze_firmwarep3344-ve_firmwarem1004-wq8741-le_firmwarep3706-z_firmwarev5915p1224-ep1365_firmwareq6044-s_firmwarep3304q6034_firmwareq3505-vecompanion_cube_l_firmwarem3007-pv_firmwarep3224-lv_firmwareq6032-cm3204-vp3364-lvep3705-z_firmwarem2014-ep3367-vep1275p1405-e_firmwaref44_main_unit_firmwareq3505-ve_firmwareq8632-e_firmwarem7010m3203p3125-z_firmwarep1264_firmwarep1365_mk_iip3228-lv_firmwareq1615-ep1448-leq6045_firmwarep1365q8742-le_firmwarem1125_firmwarem2026-le_mk_iim3114-rp3125-zq8742-le_zoom_firmwarem3037-pveq6044_firmwarem7011q6034-ep3374-lvp1427-e_firmwarep3115-z_firmwarep5635-zem1113_firmwarep3707-pep3314-zm3045-wvq3505-v_mk_ii_firmwarecompanion_cube_lw_firmwarep1435-lep5534-e_firmwarem1013_firmwareq1602-e_firmwareq6034-c_firmwarep1355-ep3225-ve_mk_iip5415-e_firmwarep1325-zq1922-eq6042-ep3364-lv_firmwarep3224-lveq6055_firmwarem3105-lp5515-e_firmwareq1605-z_firmwareq7414_blade_firmwarep3904-r_mk_iip1126-z_firmwareq8675-zeq6052-ecompanion_recorder_4ch_firmwarep1214p3301m3105-lveq1922-e_firmwarep3214-ve_firmwarep5515_firmwarexf40-q2901xf40-q2901_firmwarea9188f41_main_unit_firmwareq6044-c_firmwarep1364-eq1645p3384-ve_firmwarem1104q6054-e_mk_iip3706-zp5635-e_mk_ii_firmwarep3363-vq6035-e_firmwarep5522_firmwareq3615-ve_firmwarep1425-le_mk_iiq6032q7424-r_firmwareq8665-e_firmwareq6032_firmwarep1126-zl_firmwarem1065-lp1214-e_firmwarep1427-le_firmwarep5544_firmwarep3905-r_mk_ii_firmwarem2026-lep3374-vd201-s_xpt_q6055_firmwarem3027-pvep3315-zm3007-p_firmwarem5065m1143-l_firmwareq2901-ef44_main_unitq8741-lep3384-vq3505-vq6032-c_firmwarep3343-veq6125-le_firmwarep3904-r_firmwarep5635-e_firmwarep3367-ve_firmwareq1931-eq8665-lecompanion_bullet_lep1427-lep1126-zq1942-e_firmwareq1635-ep3375-lvep1427-ea9188-v_firmwarep3225-lv_firmwarep3905-r_mk_iiq6035-em3024-lve_firmwarep3114-i_firmwareq6000-e_mk_iip1357q6042-s_firmwareq8742-e_zoomm1125-e_firmwarep1353-ep3364-v_firmwarep1428-e_firmwarep5635-e_mk_iiq3517-lvq8641-ep3365-ve_firmwarep5544q1615_firmwareq1932-e_pt_mount_firmwarem1113-em3203_firmwarec1004-ep5414-ep5522q1635q6032-e_firmwareq3504-ve_firmwareq8685-le_firmwarem1025q7406_blade_firmwareq6045-c_firmwarem3016_firmwareq1614m1113companion_eye_lveq1615m2025-lep1354-e_firmwarep3214-vem1124_firmwarep3115-i_firmwarem3113-rq1921-e_firmwarem1034-w_firmwarep1347p1264q6044-e_firmwarem1033-wq1604-ep1365-e_mk_ii_firmwarep3346-ve_firmwarep3375-lvq1659p3228-lve_firmwareq1775p1325-z_firmwarep1448-le_firmwarec1004-e_firmwarem3044-wv_firmwareq1645_firmwarep3314-zlq6035-cp3225-ve_mk_ii_firmwarep7224_bladem1114a9188-vq1635-z_firmwareq6035-c_firmwareq3505-ve_mk_ii_firmwarep1347-e_firmwaref41_main_unitm3046-v_1.8mmm3203-vp1280_firmwarem3046-v_firmwareq6128-eq8665-eq1941-e_pt_mountm3046-v_1.8mm_firmwareq8741-e_firmwarev5914f34_main_unit_firmwarep5522-em3106-l_mk_iip5414-e_firmwarep1367_firmwarep1245_firmwarep3367-v_firmwareq1941-e_firmwarep1357_firmwarep5415-eq3515-lvp8513m1114-eq1922_firmwarep3225-lve_mk_ii_firmwarep3224-lvp1265q3504-v_firmwarem1104_firmwarefa54_main_unit_firmwarep3301-vxf60-q2901q6045-sm3014_firmwarep3353_firmwarep1244_firmwarem3027-pve_firmwarem5013q1615_mk_iim3014d201-s_xpt_q6055p5635-ze_firmwareq7424-r_mk_iip3384-veq6045-e_mk_iiq8641-e_firmwarem3005-v_firmwareq8631-e_firmwarem3114-vep1354-ep3224-lve_mk_ii_firmwarep3315-z_firmwareq3709-pve_firmwarep5624-e_mk_ii_firmwareq3505-ve_mk_iim1145-l_firmwarec2005p3224-lv_mk_ii_firmwareq6045-s_firmwarep5514p3904-rq1615_mk_ii_firmwarem1004-w_firmwarem5525-e_firmwarep3225-lv_mk_ii_firmwareq3505-sve_mk_ii_firmwareq6115-eq1755-e_firmwareq6052-e_firmwarep3225-lveq1921p1214_firmwarecompanion_recorder_8ch_firmwarem5054p3115-zp8524_firmwarem5013-vm1143-lm7010_firmwarem1145-lp5624-ep3915-r_mk_ii_firmwarem7014_firmwareq1921_firmwareq1921-em3007-pvm3104-lve_firmwareq6124-ep3375-vxp40-q1765m1045-lwp3215-v_firmwarep3225-v_mk_ii_firmwarep1343_firmwareq1910q6045-ecompanion_recorder_8chm3047-pm3104-l_firmwarep1355p3915-r_mk_iip5512-e_firmwarem5055_firmwareq6042-scompanion_cube_lwm3004-vp1435-le_firmwaref44_dual_audio_input_firmwarem5525-ep3224-ve_mk_iip1367-eq6045-c_mk_ii_firmwareq1635-e_firmwareq1931-e_firmwareq3517-lve_firmwarep3346-v_firmwarea1001q6042_firmwareq6000-e_mk_ii_firmwarep1364-e_firmwarea1001_firmwarep3353q3504-veq3515-lv_firmwareq1775-e_firmwarep1368-ep7210_firmwareq8742-lem5054_firmwarep7210p1367companion_c360_firmwareq6155-e_firmwarem3004-v_firmwareq6034-cq3515-lvefa54_main_unitm5013_firmwareq3617-veq6125-lep3343_firmwarep3364-vq6034m2026-le_firmwareq8642-em3113-r_firmwareq6155-ep3905-rm1065-lwm3015p1365_mk_ii_firmwarep1447-lep3115-iq1942-e_pt_mount_firmwareq7404m3204_firmwarep1353_firmwarep1125-zl_firmwarem3106-lve_firmwarep1290_firmwarem3037-pve_firmwarep3365-v_firmwarep1244p5522-e_firmwareq3517-lv_firmwareq8655-zlep3314-z_firmwarep5514-em1014_firmwarep3384-v_firmwareq1614_firmwarep7216m7016q6035_firmwarecompanion_dome_wv_firmwarem5013-v_firmwarep3364-lve_firmwareq1932-e_firmwarem3025-ve_firmwarep7214q1647_firmwarexp40-q1942_firmwarep1368-e_firmwarem1065-l_firmwarep8514m3113-vep3304-vp1367-e_firmwarep3354_firmwarem1124-e_firmwareq1941-e_pt_mount_firmwareq6114-e_firmwarec8033_firmwarem1065-lw_firmwarep1435-e_firmwareq6034-e_firmwareq1942-ep3214-vp3225-lve_firmwarep1125-zlq8685-e_firmwarep1346p3343-v_firmwareq8632-eq6045p3227-lve_firmwareq3708-pve_firmwarep1275_firmwarem3025-vep1425-e_firmwareq6052_firmwareq6055-s_firmwarep3224-lv_mk_iip3304_firmwareq6054m1114_firmwareq1765-leq7411p3114-id2050-veq1659_firmwarep1425-em5014-vq1755-em3006-vp3225-lvq6000-e_firmwarep1364_firmwarep3304-v_firmwarem1014a9161_firmwarem1124-ep5532_firmwareq8665-le_firmwarem7014p3367-vp1204p5534_firmwarep3344p1355_firmwareq3515-lve_firmwarea9188_firmwarep3346_firmwarep3315-zl_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0693
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.37% / 79.42%
||
7 Day CHG~0.00%
Published-12 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 Client Billing and Authentication 7.0.127.16 allows remote attackers to cause a denial of service (service outage) via a series of long packets to TCP port 48101.

Action-Not Available
Vendor-print_manager_plusn/a
Product-client_billing_and_authenticationn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-4420
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.97% / 85.97%
||
7 Day CHG~0.00%
Published-24 Dec, 2009 | 17:00
Updated-07 Aug, 2024 | 07:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_protocol_security_managerbig-ip_protocol_security_modulebig-ip_application_security_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-4020
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-4.85% / 89.13%
||
7 Day CHG~0.00%
Published-04 Dec, 2009 | 21:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13997
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.87%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 12:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Genann through 2018-07-08 has a SEGV in genann_run in genann.c.

Action-Not Available
Vendor-codeplean/a
Product-genannn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-3280
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.82% / 82.14%
||
7 Day CHG~0.00%
Published-21 Sep, 2009 | 19:00
Updated-16 Sep, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the find_ie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service (soft lockup) via malformed packets.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10326
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.04%
||
7 Day CHG~0.00%
Published-13 Apr, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.

Action-Not Available
Vendor-n/aGNU
Product-osipn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-2346
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.84% / 73.82%
||
7 Day CHG~0.00%
Published-08 Sep, 2009 | 18:00
Updated-15 Aug, 2024 | 12:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263.

Action-Not Available
Vendor-n/aAsteriskSangoma Technologies Corp.
Product-asteriskopensourceopen_sourceappliance_s800in/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1298
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-2.32% / 84.18%
||
7 Day CHG~0.00%
Published-08 Dec, 2009 | 23:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1389
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-5.52% / 89.88%
||
7 Day CHG~0.00%
Published-16 Jun, 2009 | 23:00
Updated-07 Aug, 2024 | 05:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-kernellinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-0851
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.18%
||
7 Day CHG~0.00%
Published-15 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors.

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-webaccessn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1439
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.34% / 84.25%
||
7 Day CHG~0.00%
Published-27 Apr, 2009 | 17:43
Updated-07 Aug, 2024 | 05:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-0618
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.76%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 16:49
Updated-02 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption

A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219958 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-652brp_firmwaretew-652brpTEW-652BRP
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-0613
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.76%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 13:40
Updated-02 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-811DRU httpd security.asp memory corruption

A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219937 was assigned to this vulnerability.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-811dru_firmwaretew-811druTEW-811DRU
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 10
  • 11
  • Next
Details not found