Filtered by vendor Tenda
Subscribe
Search
Total
160 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27706 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2021-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit. | |||||
| CVE-2021-27707 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2021-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit. | |||||
| CVE-2021-27705 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2021-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit. | |||||
| CVE-2018-7561 | 2 Tenda, Tendacn | 2 Ac9, Ac9 Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2020-15916 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-27 | 10.0 HIGH | 9.8 CRITICAL |
| goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | |||||
| CVE-2020-10988 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-15 | 10.0 HIGH | 9.8 CRITICAL |
| A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. | |||||
| CVE-2018-14558 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. | |||||
| CVE-2018-18729 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2019-10-03 | 9.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow. | |||||
| CVE-2018-18728 | 1 Tenda | 6 Ac15, Ac15 Firmware, Ac18 and 3 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request. | |||||
| CVE-2015-5995 | 2 Mediabridge, Tenda | 3 Medialink Mwn-wapr300n, Medialink Mwn-wapr300n Firmware, N3 Wireless N150 | 2015-12-31 | 10.0 HIGH | 9.8 CRITICAL |
| Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices allow remote attackers to obtain administrative access via a certain admin substring in an HTTP Cookie header. | |||||