Security Vulnerabilities
A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-06-08
A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-06-08
A vulnerability was found in Tenda AC15 15.03.05.19_multi and classified as critical. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. The manipulation of the argument list leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-06-08
A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOSÂ through improper input.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08