Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda Subscribe
Filtered by product G3
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36587 1 Tenda 2 G3, G3 Firmware 2022-09-09 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
CVE-2022-36585 1 Tenda 2 G3, G3 Firmware 2022-09-09 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.
CVE-2022-36586 1 Tenda 2 G3, G3 Firmware 2022-09-09 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.
CVE-2022-36584 1 Tenda 2 G3, G3 Firmware 2022-09-08 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.
CVE-2021-27705 1 Tenda 4 G1, G1 Firmware, G3 and 1 more 2021-04-20 7.5 HIGH 9.8 CRITICAL
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.
CVE-2021-27707 1 Tenda 4 G1, G1 Firmware, G3 and 1 more 2021-04-20 7.5 HIGH 9.8 CRITICAL
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit.
CVE-2021-27706 1 Tenda 4 G1, G1 Firmware, G3 and 1 more 2021-04-20 7.5 HIGH 9.8 CRITICAL
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit.