Filtered by vendor Tenda
Subscribe
Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27076 | 1 Tenda | 2 M3, M3 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/delAd. | |||||
| CVE-2022-25414 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR. | |||||
| CVE-2021-42659 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 6.1 MEDIUM | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | |||||
| CVE-2022-25441 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | |||||
| CVE-2022-28557 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution | |||||
| CVE-2022-28969 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-28970 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-25449 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | |||||
| CVE-2022-30425 | 1 Tenda | 2 Hg6, Hg6 Firmware | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
| Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request. | |||||
| CVE-2022-25429 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. | |||||
| CVE-2022-25435 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. | |||||
| CVE-2022-28973 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2022-25438 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. | |||||
| CVE-2022-25437 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | |||||
| CVE-2022-30474 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | |||||
| CVE-2022-25548 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter. | |||||
| CVE-2022-28556 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971 | |||||
| CVE-2022-27022 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload. | |||||
| CVE-2022-25456 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function. | |||||
| CVE-2021-46263 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||