Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tenda Subscribe
Total 449 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37809 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-26 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan.
CVE-2022-37811 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-26 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer.
CVE-2022-37812 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-26 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg.
CVE-2022-37810 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-26 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
CVE-2022-37814 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-26 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter.
CVE-2022-37815 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-26 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex.
CVE-2022-37816 1 Tenda 2 Ac1206, Ac1206 Firmware 2022-08-25 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetIpMacBind.
CVE-2022-37175 1 Tenda 2 Ac15, Ac15 Firmware 2022-08-23 N/A 9.8 CRITICAL
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
CVE-2022-35201 1 Tenda 2 Ac18, Ac18 Firmware 2022-08-23 N/A 9.8 CRITICAL
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
CVE-2022-36273 1 Tenda 2 Ac9, Ac9 Firmware 2022-08-17 N/A 9.8 CRITICAL
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
CVE-2022-35561 1 Tenda 2 W6, W6 Firmware 2022-08-16 N/A 7.5 HIGH
A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
CVE-2022-35560 1 Tenda 2 W6, W6 Firmware 2022-08-16 N/A 7.5 HIGH
A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
CVE-2022-35559 1 Tenda 2 W6, W6 Firmware 2022-08-16 N/A 9.8 CRITICAL
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution.
CVE-2022-35557 1 Tenda 2 W6, W6 Firmware 2022-08-16 N/A 7.5 HIGH
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
CVE-2022-35558 1 Tenda 2 W6, W6 Firmware 2022-08-16 N/A 7.5 HIGH
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
CVE-2022-35555 1 Tenda 2 W6, W6 Firmware 2022-08-16 N/A 9.8 CRITICAL
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.
CVE-2022-28572 1 Tenda 4 Ax1803, Ax1803 Firmware, Ax1806 and 1 more 2022-08-05 6.5 MEDIUM 8.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
CVE-2022-32054 1 Tenda 2 Ac10, Ac10 Firmware 2022-07-14 10.0 HIGH 9.8 CRITICAL
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.
CVE-2022-34596 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-07-14 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-34597 1 Tenda 2 Ax1806, Ax1806 Firmware 2022-07-14 7.5 HIGH 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.