Filtered by vendor Tendacn
Subscribe
Total
145 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31627 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2021-11-03 | 5.8 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. | |||||
| CVE-2021-31624 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2021-11-02 | 5.8 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. | |||||
| CVE-2020-28094 | 1 Tendacn | 2 Ac1200, Ac1200 Firmware | 2020-12-30 | 5.0 MEDIUM | 7.5 HIGH |
| On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning. | |||||
| CVE-2020-28093 | 1 Tendacn | 2 Ac1200, Ac1200 Firmware | 2020-12-30 | 6.5 MEDIUM | 7.2 HIGH |
| On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234. | |||||
| CVE-2018-7561 | 2 Tenda, Tendacn | 2 Ac9, Ac9 Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2018-14492 | 1 Tendacn | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. | |||||
| CVE-2019-19506 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2020-07-08 | 7.8 HIGH | 7.5 HIGH |
| Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot. | |||||
| CVE-2019-19505 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2020-07-08 | 9.0 HIGH | 8.8 HIGH |
| Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. | |||||
| CVE-2019-16213 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2020-07-01 | 9.0 HIGH | 8.8 HIGH |
| Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges. | |||||
| CVE-2020-13389 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13390 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13391 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13392 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13393 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13394 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2020-05-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2018-5770 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be used to log in. | |||||
| CVE-2019-16412 | 1 Tendacn | 2 N301, N301 Firmware | 2019-09-19 | 7.8 HIGH | 7.5 HIGH |
| In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) | |||||
| CVE-2018-20373 | 1 Tendacn | 2 Adsl, Adsl Firmware | 2019-01-14 | 3.5 LOW | 5.4 MEDIUM |
| Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client. | |||||
| CVE-2018-16333 | 1 Tendacn | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2018-10-25 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. | |||||
| CVE-2018-16334 | 1 Tendacn | 4 Ac10, Ac10 Firmware, Ac9 and 1 more | 2018-10-25 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection. | |||||