Total
3875 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-7418 | 2026-04-30 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-7419 | 2026-04-30 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. | |||||
| CVE-2026-7078 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument page results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-7079 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-7080 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-7081 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. | |||||
| CVE-2026-7082 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. | |||||
| CVE-2026-7097 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-6012 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-6013 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-6988 | 1 Tenda | 2 Hg10, Hg10 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2026-7068 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2026-04-30 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-7069 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2026-04-30 | 7.7 HIGH | 8.0 HIGH |
| A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within the local network. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-6014 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Request Handler. This manipulation of the argument webpage causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-7099 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argument mit_linktype results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. | |||||
| CVE-2026-7100 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2026-7030 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-7098 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-7029 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation of the argument menufacturer/Go can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-5567 | 1 Tenda | 2 M3, M3 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. | |||||