Filtered by vendor Tenda
Subscribe
Search
Total
256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25438 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. | |||||
| CVE-2022-25437 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | |||||
| CVE-2022-25435 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. | |||||
| CVE-2022-25434 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function. | |||||
| CVE-2022-25433 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function. | |||||
| CVE-2022-25431 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. | |||||
| CVE-2022-25429 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. | |||||
| CVE-2022-25428 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. | |||||
| CVE-2022-25427 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. | |||||
| CVE-2022-32030 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand. | |||||
| CVE-2022-32039 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient. | |||||
| CVE-2022-34597 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting. | |||||
| CVE-2022-34596 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting. | |||||
| CVE-2021-42659 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-07-12 | 6.1 MEDIUM | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | |||||
| CVE-2021-44971 | 1 Tenda | 4 Ac15, Ac15 Firmware, Ac5 and 1 more | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE. | |||||
| CVE-2022-32032 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-07-09 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule. | |||||
| CVE-2022-32033 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-07-09 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer. | |||||
| CVE-2022-30425 | 1 Tenda | 2 Hg6, Hg6 Firmware | 2022-06-10 | 9.0 HIGH | 8.8 HIGH |
| Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request. | |||||
| CVE-2022-30476 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. | |||||
| CVE-2022-30475 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request. | |||||
| CVE-2022-30474 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | |||||
| CVE-2022-30473 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set | |||||
| CVE-2022-30472 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat | |||||
| CVE-2022-30477 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request. | |||||
| CVE-2022-30033 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2022-05-26 | 7.8 HIGH | 7.5 HIGH |
| Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module. | |||||
| CVE-2022-28917 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-26 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp. | |||||
| CVE-2022-30040 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2022-05-20 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service. | |||||
| CVE-2022-28973 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-17 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-28972 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-17 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-28969 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-16 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-28971 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-16 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-28970 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-05-16 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-29591 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. | |||||
| CVE-2022-29592 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2022-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route). | |||||
| CVE-2022-28082 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList. | |||||
| CVE-2022-28560 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-05-11 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||||
| CVE-2022-28561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-09 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||||
| CVE-2022-27375 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-06 | 7.1 HIGH | 6.5 MEDIUM |
| Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet. | |||||
| CVE-2022-27374 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-06 | 7.1 HIGH | 6.5 MEDIUM |
| Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot. | |||||
| CVE-2021-45391 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-02-23 | 5.0 MEDIUM | 7.5 HIGH |
| A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service. | |||||
| CVE-2021-46262 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46263 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46264 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46265 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-46321 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2022-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2021-45392 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-02-23 | 7.8 HIGH | 7.5 HIGH |
| A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service. | |||||
| CVE-2020-26728 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request. | |||||
| CVE-2022-24143 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2022-02-09 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX3 v16.03.12.10_CN and AX12 22.03.01.2_CN was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter. | |||||
| CVE-2022-24142 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2022-02-07 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the firewallEn parameter. | |||||
| CVE-2022-24144 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2022-02-07 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters. | |||||