CVE-2025-4354 – Tenda DAP-1520 Stack-Based Buffer Overflow Vulnerability

May 6, 2025

CVE ID : CVE-2025-4354

Published : May 6, 2025, 1:15 p.m. | 2 hours, 19 minutes ago

Description : A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4356 – Tenda DAP-1520 Stack-Based Buffer Overflow in Authentication Handler

Next Article CVE-2025-4355 – Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-5140 – Seeyon Zhiyuan OA Web Application System Server-Side Request Forgery Vulnerability

May 25, 2025

CVE ID : CVE-2025-5140

Published : May 25, 2025, 2:15 a.m. | 2 hours, 48 minutes ago

Description : A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System up to 8.1 SP2. This affects the function this.oursNetService.getData of the file comourswwwehropenPlatform1open4ClientTypecontrollerThirdMenuController.class. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-4354 – Tenda DAP-1520 Stack-Based Buffer Overflow Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-23121 Remote Code Execution in Veeam

Affordable cybersecurity for SMBs in the midwest

CVE-2025-5511 – “Quequnlong Shiyi-Blog Remote Unauthorized File Access Vulnerability”

CVE-2025-7127 – iSourcecode Employee Management System SQL Injection Vulnerability

CVE-2025-5140 – Seeyon Zhiyuan OA Web Application System Server-Side Request Forgery Vulnerability

14 Best Free and Open Source Linux GUI Flashcard Software

CVE-2025-34035 – EnGenius EnShare Cloud Service OS Command Injection

GMines is a clone of the well-known minesweeper game

CVE-2025-4354 – Tenda DAP-1520 Stack-Based Buffer Overflow Vulnerability

Related Posts