lst-oss/Vulnerability
GitHub
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 7.8 HIGH | — | ||
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call. | |||
| 8.8 HIGH | — | ||
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. | |||
| 8.8 HIGH | — | ||
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. | |||
| 9.8 CRITICAL | — | ||
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. | |||
| 8.8 HIGH | — | ||
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | |||
| 8.8 HIGH | — | ||
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn | |||
| 6.5 MEDIUM | — | ||
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | |||
| 7.5 HIGH | — | ||
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function. | |||
| 7.5 HIGH | — | ||
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | |||
| 7.5 HIGH | — | ||
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function. | |||