Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34774 | 1 Tabit Technologies | 1 Tabit | 2022-08-26 | N/A | 5.3 MEDIUM |
| Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover (the mail can be used to reset password). | |||||
| CVE-2022-34773 | 1 Tabit Technologies | 1 Tabit | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tabit - HTTP Method manipulation. https://bridge.tabit.cloud/configuration/addresses-query - can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 – Injection. | |||||
| CVE-2022-30605 | 1 Wwbn | 1 Avideo | 2022-08-26 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2022-34772 | 1 Tabit Technologies | 1 Tabit | 2022-08-26 | N/A | 8.8 HIGH |
| Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the Tabit system is a 4 digit OTP. One can resend OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 - Rate limiting. | |||||
| CVE-2022-37800 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic. | |||||
| CVE-2022-37799 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement. | |||||
| CVE-2022-37798 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer. | |||||
| CVE-2022-37804 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo. | |||||
| CVE-2022-37803 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromAddressNat. | |||||
| CVE-2022-37802 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting. | |||||
| CVE-2022-37801 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. | |||||
| CVE-2022-37808 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB. | |||||
| CVE-2022-37807 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState. | |||||
| CVE-2022-37806 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient. | |||||
| CVE-2022-37805 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromWizardHandle. | |||||
| CVE-2022-37813 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime. | |||||
| CVE-2022-37812 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg. | |||||
| CVE-2022-37811 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer. | |||||
| CVE-2022-37810 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | |||||
| CVE-2022-37809 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2022-08-26 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan. | |||||