VARIoT IoT vulnerabilities database

A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been declared as critical. Affected by this vulnerability is the function formAddSysLogRule of the component httpd. The manipulation of the argument sysRulenEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250711. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the sysRulenEn parameter of the formAddSysLogRule function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250710 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the ssidIndex parameter of the formOfflineSet function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

A vulnerability was found in Tenda W9 1.0.0.7(4456) and classified as critical. This issue affects the function formQosManage_user of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250709 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the ssidIndex parameter of the formQosManage_user function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

A vulnerability has been found in Tenda W9 1.0.0.7(4456) and classified as critical. This vulnerability affects the function formQosManage_auto of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250708. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the ssidIndex parameter of the formQosManage_auto function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

A vulnerability, which was classified as critical, was found in Tenda W9 1.0.0.7(4456). This affects the function setWrlBasicInfo of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250707. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the ssidIndex parameter of the setWrlBasicInfo function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

A vulnerability, which was classified as critical, has been found in Tenda W9 1.0.0.7(4456). Affected by this issue is the function setWrlAccessList of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250706 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of w9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 version 1.0.0.7 has an out-of-bounds write vulnerability, which is caused by a stack-based buffer overflow in the ssidIndex parameter of the setWrlAccessList function. An attacker can exploit this vulnerability to inject malicious code to steal sensitive information or damage the system

A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250705 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda of PA6 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda PA6 Wi-Fi Powerline extender is a wireless network range extender from the Chinese company Tenda. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause Denial of service attack

A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250704. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the mac parameter of the /goform/SetOnlineDevName file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250703. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the devName parameter of the /goform/SetOnlineDevName file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapsk_crypto2_4g/wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the wpapsk_crypto2_4g parameter of the /goform/WifiExtraSet file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the deviceList parameter of the /goform/setBlackRule file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface. TOTOLINK EX1800T is a Wi-Fi range extender from China's Zeon Electronics (TOTOLINK) company. An attacker could exploit this vulnerability to execute arbitrary commands on the system

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. D-Link DIR-822 is a wireless router made by China D-Link Company. D-Link DIR-822+ V1.0.2 version has an access control error vulnerability

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell. D-Link Electronic Equipment (Shanghai) Co., Ltd. DIR-822 is a wireless router made by China D-Link Company. There is a command injection vulnerability in the DIR-822+ V1.0.2 version of D-X Electronic Equipment (Shanghai) Co., Ltd. The vulnerability is caused by the SetStaticRouteSettings function failing to correctly filter special characters, commands, etc. in the constructed command