xubeining

7 exploits Active since May 2025
CVE-2025-44175 WRITEUP MEDIUM WRITEUP
Tenda AC10 v4 V16.03.10.13 - Buffer Overflow in GetParentControlInfo
Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
CVSS 5.4
CVE-2025-44176 WRITEUP MEDIUM WORKING POC
Tenda FH451 V1.0.0.9 - Remote Code Execution via formSafeEmailFilter
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
CVSS 6.5
CVE-2025-4867 WRITEUP MEDIUM WORKING POC
Tenda A15 15.13.07.13 - Denial of Service via formArpNerworkSet Function
A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as problematic. Affected by this vulnerability is the function formArpNerworkSet of the file /goform/ArpNerworkSet. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.5
CVE-2025-5080 WRITEUP HIGH WORKING POC
Tenda FH451 1.0.0.9 - Buffer Overflow
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2025-5228 WRITEUP HIGH WORKING POC
D-Link DI-8100 < 20250523 - Stack-Based Buffer Overflow via Notify Parameter in login.cgi
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2025-5619 WRITEUP HIGH WORKING POC
Tenda CH22 1.0.0.1 - Stack-Based Buffer Overflow via Password Parameter in addUserName
A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2025-5685 WRITEUP HIGH WORKING POC
Tenda CH22 1.0.0.1 - Stack-based Buffer Overflow via Natlimit Page Parameter
A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8