VYPR

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 17 of 40
  • CVE-2026-5154HigMar 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the…

  • CVE-2026-5152HigMar 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda CH22 1.0.0.1. Impacted is the function formCreateFileName of the file /goform/createFileName. Performing a manipulation of the argument fileNameMit results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is…

  • CVE-2026-5004HigMar 28, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to…

  • CVE-2026-4975HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely.…

  • CVE-2026-4961HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The…

  • CVE-2026-4960HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can…

  • CVE-2026-4906HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.03

    A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack…

  • CVE-2026-4905HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the…

  • CVE-2026-4904HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched…

  • CVE-2026-4903HigMar 26, 2026
    risk 0.57cvss 8.8epss 0.05

    A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be…

  • CVE-2026-4861HigMar 26, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has…

  • CVE-2024-51348HigMar 25, 2026
    risk 0.57cvss 8.8epss 0.00

    A stack-based buffer overflow vulnerability in the P2P API service in BS Producten Petcam with firmware 33.1.0.0818 allows unauthenticated attackers within network range to overwrite the instruction pointer and achieve Remote Code Execution (RCE) by sending a specially crafted…

  • CVE-2026-4566HigMar 23, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been…

  • CVE-2026-4555HigMar 22, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated…

  • CVE-2026-4553HigMar 22, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Tenda F453 1.0.0.3. Impacted is the function fromNatlimit of the file /goform/Natlimit of the component Parameters Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2026-4552HigMar 22, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda F453 1.0.0.3. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component Parameters Handler. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be…

  • CVE-2026-4551HigMar 22, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component Parameters Handler. Performing a manipulation of the argument menufacturer/Go results in stack-based buffer…

  • CVE-2026-4535HigMar 22, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been…

  • CVE-2026-4534HigMar 22, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.

  • CVE-2026-4529HigMar 21, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might…