CVE-2022-40866
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/
Source: CVE-2022-40866
[월:] 2022년 09월
CVE-2022-40861
CVE-2022-40861
Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/
Source: CVE-2022-40861
CVE-2022-40854
CVE-2022-40854
Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set
Source: CVE-2022-40854
CVE-2022-40855
CVE-2022-40855
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request ‘goform/setPortMapping/’. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.
Source: CVE-2022-40855
CVE-2022-40851
CVE-2022-40851
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.
Source: CVE-2022-40851
CVE-2022-40195
CVE-2022-40195
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PCA Predict plugin <= 1.0.3 at WordPress.
Source: CVE-2022-40195
CVE-2022-40672
CVE-2022-40672
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CPO Shortcodes plugin <= 1.5.0 at WordPress.
Source: CVE-2022-40672
CVE-2022-40868
CVE-2022-40868
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/
Source: CVE-2022-40868
CVE-2022-40310
CVE-2022-40310
Authenticated (subscriber+) Race Condition vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes.
Source: CVE-2022-40310
CVE-2022-40671
CVE-2022-40671
Cross-Site Request Forgery (CSRF) vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress.
Source: CVE-2022-40671