Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tendacn Subscribe
Filtered by product Pa6
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19506 1 Tendacn 2 Pa6, Pa6 Firmware 2020-07-08 7.8 HIGH 7.5 HIGH
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot.
CVE-2019-19505 1 Tendacn 2 Pa6, Pa6 Firmware 2020-07-08 9.0 HIGH 8.8 HIGH
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE-2019-16213 1 Tendacn 2 Pa6, Pa6 Firmware 2020-07-01 9.0 HIGH 8.8 HIGH
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.