Aggregator

A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing manipulation of the argument enable results in stack-based buffer overflow. This vulnerability was named CVE-2025-12214. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability classified as critical was found in Tenda O3 1.0.0.10(2478). This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-12213. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability classified as critical has been found in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-12212. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. This vulnerability is known as CVE-2025-12211. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-12210. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-12209. The attack may be performed from remote. In addition, an exploit is available.

Новый проект описывает, как действовать от первых измерений до объявления через ООН.

伪装成顺丰天工实验室招聘信息钓鱼样本分析

Submit #673269 / VDB-329884

Submit #673268 / VDB-329883

Submit #673267 / VDB-329882

Submit #673265 / VDB-329881

Submit #673264 / VDB-329880

Submit #673263 / VDB-329879

A vulnerability identified as critical has been detected in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-12208. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability categorized as problematic has been discovered in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2025-12207. The attack needs to be performed locally. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Kamailio 5.5. It has been rated as problematic. The impacted element is the function rve_is_constant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. This vulnerability is registered as CVE-2025-12206. The attack needs to be launched locally. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Kamailio 5.5. It has been declared as problematic. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. This vulnerability is cataloged as CVE-2025-12205. The attack must be initiated from a local position. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Kamailio 5.5. It has been classified as problematic. Impacted is the function rve_destroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2025-12204. The attack must be carried out locally. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.