Li Tengzheng

168 exploits Active since Feb 2026
CVE-2026-7099 WRITEUP HIGH WRITEUP
Tenda F456 httpd QuickIndex formQuickIndex buffer overflow
A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argument mit_linktype results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
CVSS 8.8
CVE-2026-7100 WRITEUP HIGH WRITEUP
Tenda F456 httpd Natlimit fromNatlimitof buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.
CVSS 8.8
CVE-2026-7101 WRITEUP HIGH WRITEUP
Tenda F456 httpd WrlclientSet fromWrlclientSet buffer overflow
A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2026-7102 WRITEUP MEDIUM WRITEUP
Tenda F456 httpd WriteFacMac FromWriteFacMac command injection
A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be used.
CVSS 6.3
CVE-2026-7078 WRITEUP HIGH WRITEUP
Tenda F456 httpd SetIpBind fromSetIpBind buffer overflow
A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument page results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
CVSS 8.8
CVE-2026-7079 WRITEUP HIGH WRITEUP
Tenda F456 httpd AdvSetWan fromAdvSetWan buffer overflow
A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
CVSS 8.8
CVE-2026-7080 WRITEUP HIGH WRITEUP
Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
CVSS 8.8
CVE-2026-7081 WRITEUP HIGH WRITEUP
Tenda F456 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow
A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.
CVSS 8.8
CVE-2026-7082 WRITEUP HIGH WRITEUP
Tenda F456 httpd WrlExtraSet formWrlExtraSet buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.
CVSS 8.8
CVE-2026-7055 WRITEUP HIGH WRITEUP
Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
CVSS 8.8
CVE-2026-7056 WRITEUP HIGH WRITEUP
Tenda F456 httpd SafeUrlFilter fromSafeUrlFilter buffer overflow
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used.
CVSS 8.8
CVE-2026-7057 WRITEUP HIGH WRITEUP
Tenda F456 httpd setcfm buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used.
CVSS 8.8
CVE-2026-7053 WRITEUP HIGH WRITEUP
Tenda F456 httpd L7Prot frmL7ProtForm buffer overflow
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
CVSS 8.8
CVE-2026-7054 WRITEUP HIGH WRITEUP
Tenda F456 httpd PPTPDClient fromPptpUserAdd buffer overflow
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
CVSS 8.8
CVE-2026-7029 WRITEUP HIGH WRITEUP
Tenda F456 addressNat fromaddressNat buffer overflow
A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation of the argument menufacturer/Go can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
CVSS 8.8
CVE-2026-7030 WRITEUP HIGH WRITEUP
Tenda F456 RouteStatic fromRouteStatic buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
CVSS 8.8
CVE-2026-7031 WRITEUP HIGH WRITEUP
Tenda F456 SafeMacFilter fromSafeMacFilter buffer overflow
A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
CVSS 8.8
CVE-2026-7032 WRITEUP HIGH WRITEUP
Tenda F456 SafeEmailFilter buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
CVSS 8.8
CVE-2026-7033 WRITEUP HIGH WRITEUP
Tenda F456 SafeClientFilter fromSafeClientFilter buffer overflow
A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2026-7034 WRITEUP HIGH WRITEUP
Tenda FH1202 httpd WrlExtraSet stack-based overflow
A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
CVSS 8.8
CVE-2026-7035 WRITEUP HIGH WRITEUP
Tenda FH1202 httpd WrlclientSet fromWrlclientSet stack-based overflow
A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
CVSS 8.8
CVE-2026-7036 WRITEUP HIGH WRITEUP
Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal
A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
CVSS 7.3
CVE-2026-7037 WRITEUP CRITICAL WRITEUP
Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
CVSS 9.8
CVE-2026-7019 WRITEUP HIGH WRITEUP
Tenda F456 P2pListFilter fromP2pListFilter buffer overflow
A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVSS 8.8
CVE-2026-6197 WRITEUP HIGH WRITEUP
Tenda F456 AdvSetWrlsafeset formWrlsafeset stack-based overflow
A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Executing a manipulation of the argument mit_ssid can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.
CVSS 8.8