Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tendacn Subscribe
Total 93 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-22079 1 Tendacn 4 Ac10u, Ac10u Firmware, Ac9 and 1 more 2022-10-26 7.5 HIGH 9.8 CRITICAL
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.
CVE-2022-40853 1 Tendacn 2 Ac15, Ac15 Firmware 2022-09-23 N/A 9.8 CRITICAL
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set
CVE-2022-40860 1 Tendacn 2 Ac15, Ac15 Firmware 2022-09-23 N/A 9.8 CRITICAL
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList
CVE-2022-40862 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2022-09-23 N/A 9.8 CRITICAL
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
CVE-2022-40864 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2022-09-23 N/A 9.8 CRITICAL
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
CVE-2022-40865 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2022-09-23 N/A 9.8 CRITICAL
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/
CVE-2022-40869 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2022-09-23 N/A 9.8 CRITICAL
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").
CVE-2022-38325 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2022-09-19 N/A 9.8 CRITICAL
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
CVE-2022-38326 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2022-09-19 N/A 9.8 CRITICAL
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
CVE-2020-20746 1 Tendacn 2 Ac9, Ac9 Firmware 2022-09-14 6.5 MEDIUM 7.2 HIGH
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.
CVE-2022-36552 1 Tendacn 2 Ac6, Ac6 Firmware 2022-09-06 N/A 7.5 HIGH
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.
CVE-2022-37176 1 Tendacn 2 Ac6, Ac6 Firmware 2022-09-06 N/A 9.8 CRITICAL
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
CVE-2022-36233 1 Tendacn 2 Ac9, Ac9 Firmware 2022-08-20 N/A 5.5 MEDIUM
Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd.
CVE-2022-32386 1 Tendacn 2 Ac23 Ac2100, Ac23 Ac2100 Firmware 2022-07-13 7.5 HIGH 9.8 CRITICAL
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
CVE-2022-32384 1 Tendacn 2 Ac23 Ac2100, Ac23 Ac2100 Firmware 2022-07-13 5.8 MEDIUM 8.8 HIGH
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
CVE-2022-32383 1 Tendacn 2 Ac23 Ac2100, Ac23 Ac2100 Firmware 2022-07-13 7.5 HIGH 9.8 CRITICAL
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
CVE-2022-32385 1 Tendacn 2 Ac23 Ac2100, Ac23 Ac2100 Firmware 2022-07-13 7.5 HIGH 9.8 CRITICAL
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
CVE-2021-27691 1 Tendacn 6 G0, G0 Firmware, G1 and 3 more 2022-07-12 10.0 HIGH 9.8 CRITICAL
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input.
CVE-2021-27692 1 Tendacn 4 G1, G1 Firmware, G3 and 1 more 2022-07-12 10.0 HIGH 9.8 CRITICAL
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.
CVE-2021-45987 1 Tendacn 4 G1, G1 Firmware, G3 and 1 more 2022-07-12 7.5 HIGH 9.8 CRITICAL
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the hostName parameter.