Total
2851 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-63835 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to denial of service (device crash) or potential remote code execution. | |||||
| CVE-2025-63658 | 1 Monkey-project | 1 Monkey | 2026-06-17 | N/A | 7.5 HIGH |
| A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. | |||||
| CVE-2025-63469 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_421BAC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63468 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63467 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_425400 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63466 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63465 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_422880 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63464 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_42396C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63463 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the wifiOff parameter in the sub_4232EC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63462 | 1 Totolink | 2 A7000r, A7000r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the wifiOff parameter in the sub_421A04 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63461 | 1 Totolink | 2 A7000r, A7000r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63460 | 1 Totolink | 2 A7000r, A7000r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_4222E0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63459 | 1 Totolink | 2 A7000r, A7000r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_421CF0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63458 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63457 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63456 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63455 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63454 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the deviceId parameter in the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-63154 | 1 Totolink | 2 A7000r, A7000r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2025-63153 | 1 Totolink | 2 A7000r, A7000r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
