8.7
CVE-2025-12214 - Tenda O3 sysAutoReboot GetValue stack-based overflow
A vulnerability was detected in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and β¦
8.7
CVE-2025-12213 - Tenda O3 setVlanConfig GetValue stack-based overflow
A security vulnerability has been detected in Tenda O3 1.0.0.10(2478). This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been dβ¦
8.7
CVE-2025-12212 - Tenda O3 setNetworkService GetValue stack-based overflow
A weakness has been identified in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to theβ¦
8.7
CVE-2025-12211 - Tenda O3 setDmzInfo GetValue stack-based overflow
A security flaw has been discovered in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been β¦
8.7
CVE-2025-12210 - Tenda O3 AdvSetLanip GetValue stack-based overflow
A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is puβ¦
8.7
CVE-2025-12209 - Tenda O3 setDhcpConfig GetValue stack-based overflow
A vulnerability was determined in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing a manipulation of the argument dhcpEn can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly diβ¦
6.9
CVE-2025-12208 - SourceCodester Best House Rental Management System admin_class.php login2 sql injection
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been madeβ¦
4.8
CVE-2025-12207 - Kamailio Grammar Rule cfg.y yyerror_at null pointer dereference
A vulnerability has been found in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may β¦
4.8
CVE-2025-12206 - Kamailio rvalue.c rve_is_constant null pointer dereference
A flaw has been found in Kamailio 5.5. The impacted element is the function rve_is_constant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this vulnerabβ¦
4.8
CVE-2025-12205 - Kamailio Configuration File cfg.lex sr_push_yy_state use after free
A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. The attack must be initiated from a local position. The exploit is now public andβ¦