GD@hillstone

26 exploits Active since Mar 2022
CVE-2022-26258 WRITEUP CRITICAL WRITEUP
D-Link DIR-820L <1.05B03 - RCE
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
CVSS 9.8
CVE-2023-49402 WRITEUP CRITICAL WORKING POC
Tenda W30E V16.01.0.12 - Buffer Overflow
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function localMsg.
CVSS 9.8
CVE-2023-49403 WRITEUP CRITICAL WRITEUP
Tenda W30E V16.01.0.12 - Command Injection
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setFixTools.
CVSS 9.8
CVE-2023-49404 WRITEUP CRITICAL WORKING POC
Tenda W30E <16.01.0.12 - Buffer Overflow
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.
CVSS 9.8
CVE-2023-49405 WRITEUP CRITICAL WORKING POC
Tenda W30E V16.01.0.12 - Buffer Overflow
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg.
CVSS 9.8
CVE-2023-49406 WRITEUP CRITICAL WRITEUP
Tenda W30E <16.01.0.12 - Command Injection
Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
CVSS 9.8
CVE-2023-49408 WRITEUP CRITICAL WORKING POC
Tenda AX3 V16.03.12.11 - Buffer Overflow
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.
CVSS 9.8
CVE-2023-49409 WRITEUP CRITICAL WRITEUP
Tenda AX3 V16.03.12.11 - Command Injection
Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
CVSS 9.8
CVE-2023-49410 WRITEUP CRITICAL WORKING POC
Tenda W30E <16.01.0.12 - Buffer Overflow
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the function set_wan_status.
CVSS 9.8
CVE-2023-49411 WRITEUP CRITICAL WORKING POC
Tenda W30E V16.01.0.12 - Buffer Overflow
Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode.
CVSS 9.8
CVE-2023-49999 WRITEUP CRITICAL WRITEUP
Tenda W30e Firmware - Out-of-Bounds Write
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition.
CVSS 9.8
CVE-2023-50000 WRITEUP CRITICAL WORKING POC
Tenda W30e Firmware - Out-of-Bounds Write
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formResetMeshNode.
CVSS 9.8
CVE-2023-50001 WRITEUP CRITICAL WORKING POC
Tenda W30e Firmware - Out-of-Bounds Write
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formUpgradeMeshOnline.
CVSS 9.8
CVE-2023-50002 WRITEUP CRITICAL WORKING POC
Tenda W30e Firmware - Out-of-Bounds Write
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode.
CVSS 9.8
CVE-2023-51090 WRITEUP CRITICAL WORKING POC
Tenda M3 V1.0.0.12 - Buffer Overflow
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.
CVSS 9.8
CVE-2023-51091 WRITEUP CRITICAL WORKING POC
Tenda M3 V1.0.0.12 - Buffer Overflow
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler.
CVSS 9.8
CVE-2023-51092 WRITEUP CRITICAL WORKING POC
Tenda M3 V1.0.0.12 - Buffer Overflow
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.
CVSS 9.8
CVE-2023-51093 WRITEUP CRITICAL WORKING POC
Tenda M3 V1.0.0.12 - Buffer Overflow
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo.
CVSS 9.8
CVE-2023-51094 WRITEUP CRITICAL WRITEUP
Tenda M3 V1.0.0.12 - Command Injection
Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet.
CVSS 9.8
CVE-2023-51095 WRITEUP CRITICAL WORKING POC
Tenda M3 V1.0.0.12 - Buffer Overflow
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy.
CVSS 9.8
CVE-2023-51097 WRITEUP CRITICAL WORKING POC
Tenda W9 V1.0.0.7 - Buffer Overflow
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing.
CVSS 9.8
CVE-2023-51098 WRITEUP CRITICAL WRITEUP
Tenda W9 V1.0.0.7 - Command Injection
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo .
CVSS 9.8
CVE-2023-51099 WRITEUP CRITICAL WRITEUP
Tenda W9 V1.0.0.7 - Command Injection
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand .
CVSS 9.8
CVE-2023-51100 WRITEUP CRITICAL WRITEUP
Tenda W9 V1.0.0.7 - Command Injection
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo .
CVSS 9.8
CVE-2023-51101 WRITEUP CRITICAL WORKING POC
Tenda W9 V1.0.0.7 - Buffer Overflow
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo.
CVSS 9.8