Ghostsuzhijian/Iot-

Ghostsuzhijian/Iot-

Releases0

Stars2

一些漏洞挖掘项目

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-4356 ↗	May 6, 2025Tuesday, 6 May 2025, 14:15	8.8 HIGH	9 HIGH
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4357 ↗	May 6, 2025Tuesday, 6 May 2025, 14:15	4.7 MEDIUM	5.8 MEDIUM
A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been rated as critical. This issue affects some unknown processing of the file /goform/telnet. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4354 ↗	May 6, 2025Tuesday, 6 May 2025, 13:15	8.8 HIGH	9 HIGH
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4355 ↗	May 6, 2025Tuesday, 6 May 2025, 13:15	8.8 HIGH	9 HIGH
A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-45042 ↗	May 5, 2025Monday, 5 May 2025, 16:15	9.8 CRITICAL	—
Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.