Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-55732
Frappe is a full-stack web application framework. Prior to 15.74.2 and 14.96.15, an attacker could implement SQL injection through specially crafted requests, allowing malicious people to access sensitive information. This vulnerability is a bypass of the official patch released for CVE-2025-52895. This vulnerability is fixed in 15.74.2 and 14.96.15.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-08-20
CVE-2025-55731
Frappe is a full-stack web application framework. A carefully crafted request could extract data that the user would normally not have access to, via SQL injection. This vulnerability is fixed in 15.74.2 and 14.96.15.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-20
CVE-2025-55482
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
CVE-2025-55498
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
CVE-2025-55483
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
CVE-2025-55499
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-20
CVE-2025-55503
Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-08-20
CVE-2025-30256
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
CVSS Score
8.6
EPSS Score
0.001
Published
2025-08-20
CVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-08-20
CVE-2025-32010
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
CVSS Score
8.1
EPSS Score
0.006
Published
2025-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved