Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda Subscribe
Filtered by product Ax1803

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-51972 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-01-12 N/A 9.8 CRITICAL
Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp.
CVE-2023-51971 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-01-12 N/A 9.8 CRITICAL
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo.
CVE-2023-49040 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-12-01 N/A 9.8 CRITICAL
An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function.
CVE-2023-49042 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-12-01 N/A 9.8 CRITICAL
Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi.
CVE-2023-49044 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-12-01 N/A 9.8 CRITICAL
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.
CVE-2023-49043 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-12-01 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat.
CVE-2023-49046 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-12-01 N/A 9.8 CRITICAL
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule.
CVE-2022-34596 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-08-08 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-34595 1 Tenda 2 Ax1803, Ax1803 Firmware 2023-08-08 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.