Filtered by vendor Tendacn
Subscribe
Total
93 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-22079 | 1 Tendacn | 4 Ac10u, Ac10u Firmware, Ac9 and 1 more | 2022-10-26 | 7.5 HIGH | 9.8 CRITICAL |
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg. | |||||
CVE-2022-40853 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2022-09-23 | N/A | 9.8 CRITICAL |
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set | |||||
CVE-2022-40860 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2022-09-23 | N/A | 9.8 CRITICAL |
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList | |||||
CVE-2022-40862 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting | |||||
CVE-2022-40864 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet | |||||
CVE-2022-40865 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/ | |||||
CVE-2022-40869 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). | |||||
CVE-2022-38325 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-19 | N/A | 9.8 CRITICAL |
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. | |||||
CVE-2022-38326 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-19 | N/A | 9.8 CRITICAL |
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. | |||||
CVE-2020-20746 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2022-09-14 | 6.5 MEDIUM | 7.2 HIGH |
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | |||||
CVE-2022-36552 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-09-06 | N/A | 7.5 HIGH |
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request. | |||||
CVE-2022-37176 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-09-06 | N/A | 9.8 CRITICAL |
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard. | |||||
CVE-2022-36233 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2022-08-20 | N/A | 5.5 MEDIUM |
Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. | |||||
CVE-2022-32386 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan. | |||||
CVE-2022-32384 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 5.8 MEDIUM | 8.8 HIGH |
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet. | |||||
CVE-2022-32383 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function. | |||||
CVE-2022-32385 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote). | |||||
CVE-2021-27691 | 1 Tendacn | 6 G0, G0 Firmware, G1 and 3 more | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input. | |||||
CVE-2021-27692 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input. | |||||
CVE-2021-45987 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the hostName parameter. |