Filtered by vendor Tenda
Subscribe
Total
609 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-24156 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
CVE-2022-24142 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the firewallEn parameter. | |||||
CVE-2022-24149 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetWirelessRepeat. This vulnerability allows attackers to cause a Denial of Service (DoS) via the wpapsk_crypto parameter. | |||||
CVE-2022-24163 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter. | |||||
CVE-2022-24162 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | |||||
CVE-2022-24157 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetMacFilterCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceList parameter. | |||||
CVE-2022-24151 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS) via the shareSpeed parameter. | |||||
CVE-2022-24155 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in the function setSchedWifi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the schedStartTime and schedEndTime parameters. | |||||
CVE-2022-24145 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formWifiBasicSet. This vulnerability allows attackers to cause a Denial of Service (DoS) via the security and security_5g parameters. | |||||
CVE-2022-24148 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function mDMZSetCfg. This vulnerability allows attackers to execute arbitrary commands via the dmzIp parameter. | |||||
CVE-2022-24158 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
CVE-2022-24144 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters. | |||||
CVE-2021-31758 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request. | |||||
CVE-2021-27705 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit. | |||||
CVE-2021-31756 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copied to the stack variable. | |||||
CVE-2021-27707 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit. | |||||
CVE-2021-27706 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit. | |||||
CVE-2021-31755 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request. | |||||
CVE-2021-31757 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request. | |||||
CVE-2021-3186 | 1 Tenda | 2 Ac1200, Ac1200 Firmware | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote attackers to inject arbitrary web script or HTML via the Wifi Name parameter. |