Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe

Filtered by product Ac23 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-40800	1 Tenda	2 Ac23, Ac23 Firmware	2023-08-29	N/A	8.8 HIGH
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
CVE-2023-40801	1 Tenda	2 Ac23, Ac23 Firmware	2023-08-29	N/A	8.8 HIGH
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn
CVE-2023-40797	1 Tenda	2 Ac23, Ac23 Firmware	2023-08-29	N/A	8.8 HIGH
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.
CVE-2023-40802	1 Tenda	2 Ac23, Ac23 Firmware	2023-08-29	N/A	6.5 MEDIUM
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn
CVE-2023-40798	1 Tenda	2 Ac23, Ac23 Firmware	2023-08-29	N/A	8.8 HIGH
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
CVE-2023-40799	1 Tenda	2 Ac23, Ac23 Firmware	2023-08-29	N/A	9.8 CRITICAL
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.