Filtered by vendor Tenda
Subscribe
Total
1328 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48194 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-24 | N/A | 9.8 CRITICAL |
| Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. | |||||
| CVE-2024-8231 | 1 Tenda | 2 O6, O6 Firmware | 2024-10-16 | N/A | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-46045 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2024-10-15 | N/A | 9.8 CRITICAL |
| Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function. | |||||
| CVE-2023-49040 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-10-11 | N/A | 9.8 CRITICAL |
| An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function. | |||||
| CVE-2023-40904 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2024-10-02 | N/A | 9.8 CRITICAL |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg. | |||||
| CVE-2023-51958 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-10-01 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. | |||||
| CVE-2024-7151 | 1 Tenda | 2 O3, O3 Firmware | 2024-10-01 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been declared as critical. This vulnerability affects the function fromMacFilterSet of the file /goform/setMacFilter. The manipulation of the argument remark leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-272554 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-36103 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-09-24 | N/A | 9.8 CRITICAL |
| Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request. | |||||
| CVE-2024-46049 | 1 Tenda | 2 O6, O6 Firmware | 2024-09-20 | N/A | 9.8 CRITICAL |
| Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function. | |||||
| CVE-2024-46048 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | N/A | 9.8 CRITICAL |
| Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i | |||||
| CVE-2024-46047 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | N/A | 7.5 HIGH |
| Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. | |||||
| CVE-2024-46046 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | N/A | 9.8 CRITICAL |
| Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. | |||||
| CVE-2024-46044 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2024-09-20 | N/A | 9.8 CRITICAL |
| CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function. | |||||
| CVE-2023-49424 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-09-13 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | |||||
| CVE-2023-50986 | 1 Tenda | 2 I29, I29 Firmware | 2024-09-13 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function. | |||||
| CVE-2023-49428 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-09-13 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. | |||||
| CVE-2024-7585 | 1 Tenda | 2 I22, I22 Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-7584 | 1 Tenda | 2 I22, I22 Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-46369 | 1 Tenda | 2 W18e, W18e Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function. | |||||
| CVE-2023-51092 | 1 Tenda | 2 M3, M3 Firmware | 2024-09-09 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade. | |||||