Filtered by vendor Tenda
Subscribe
Total
1328 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49430 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-49409 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet. | |||||
| CVE-2023-48963 | 1 Tenda | 2 I6, I6 Firmware | 2023-12-05 | N/A | 7.5 HIGH |
| Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget. | |||||
| CVE-2023-48964 | 1 Tenda | 2 I6, I6 Firmware | 2023-12-05 | N/A | 7.5 HIGH |
| Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet. | |||||
| CVE-2023-49042 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi. | |||||
| CVE-2023-49047 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName. | |||||
| CVE-2023-49044 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set. | |||||
| CVE-2023-45479 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098. | |||||
| CVE-2023-45480 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878. | |||||
| CVE-2023-45482 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | |||||
| CVE-2023-45483 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. | |||||
| CVE-2023-45484 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. | |||||
| CVE-2023-49046 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule. | |||||
| CVE-2023-49043 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat. | |||||
| CVE-2023-48109 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-11-24 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack | |||||
| CVE-2023-43885 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2023-11-16 | N/A | 8.1 HIGH |
| Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | |||||
| CVE-2023-43886 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2023-11-16 | N/A | 7.1 HIGH |
| A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory. | |||||
| CVE-2023-4498 | 1 Tenda | 2 N300, N300 Firmware | 2023-11-07 | N/A | 5.3 MEDIUM |
| Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only | |||||
| CVE-2020-35391 | 1 Tenda | 2 F3, F3 Firmware | 2023-11-07 | 3.3 LOW | 6.5 MEDIUM |
| Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must be placed after the RouterCfm.cfg filename, or that the HTTP request headers must be unusual, but it is not known why these are relevant to the device's HTTP response behavior. | |||||
| CVE-2023-46370 | 1 Tenda | 2 W18e, W18e Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function. | |||||