Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda Subscribe
Filtered by product Ax1803 Firmware
Total 17 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40876 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-10-31 N/A 9.8 CRITICAL
In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE).
CVE-2022-40874 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-10-28 N/A 7.5 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request.
CVE-2022-40875 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-10-28 N/A 7.5 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.
CVE-2022-42086 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-10-14 N/A 6.5 MEDIUM
Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.
CVE-2022-42087 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-10-14 N/A 6.5 MEDIUM
Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-37824 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
CVE-2022-37823 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.
CVE-2022-37820 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.
CVE-2022-37821 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince.
CVE-2022-37822 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.
CVE-2022-37819 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.
CVE-2022-37818 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
CVE-2022-37817 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-08-26 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind.
CVE-2022-28572 1 Tenda 4 Ax1803, Ax1803 Firmware, Ax1806 and 1 more 2022-08-05 6.5 MEDIUM 8.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
CVE-2022-34596 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-07-14 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-34595 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-07-14 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
CVE-2022-30040 1 Tenda 2 Ax1803, Ax1803 Firmware 2022-05-20 5.0 MEDIUM 7.5 HIGH
Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service.