Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tenda Subscribe
Total 449 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36587 1 Tenda 2 G3, G3 Firmware 2022-09-09 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
CVE-2022-36585 1 Tenda 2 G3, G3 Firmware 2022-09-09 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.
CVE-2022-36586 1 Tenda 2 G3, G3 Firmware 2022-09-09 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.
CVE-2022-36584 1 Tenda 2 G3, G3 Firmware 2022-09-08 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.
CVE-2022-36571 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 7.2 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
CVE-2022-36570 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 7.2 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
CVE-2022-36569 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 8.8 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
CVE-2022-36568 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 8.8 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
CVE-2022-38510 1 Tenda 2 Tx9 Pro, Tx9 Pro Firmware 2022-09-01 N/A 7.8 HIGH
Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList.
CVE-2022-38562 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter.
CVE-2022-38565 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter.
CVE-2022-38563 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter.
CVE-2022-38564 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter.
CVE-2022-38566 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter.
CVE-2022-38568 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter.
CVE-2022-38567 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter.
CVE-2022-38571 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem.
CVE-2022-38570 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter.
CVE-2022-38569 1 Tenda 2 M3, M3 Firmware 2022-09-01 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd.
CVE-2022-37292 1 Tenda 2 Ax12, Ax12 Firmware 2022-08-26 N/A 5.5 MEDIUM
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.