Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-63457
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-10
CVE-2025-63834
A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-10
CVE-2025-63835
A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to denial of service (device crash) or potential remote code execution.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-10
CVE-2025-63147
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-10
CVE-2025-63455
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-10
CVE-2025-63456
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-10
CVE-2025-63152
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the wpapsk_crypto parameter of the wlSetExternParameter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-10
CVE-2025-63153
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-10
CVE-2025-63154
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-10
CVE-2025-46430
Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-11-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved