Filtered by vendor Tenda
Subscribe
Total
532 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44971 | 1 Tenda | 4 Ac15, Ac15 Firmware, Ac5 and 1 more | 2024-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE. | |||||
| CVE-2022-45506 | 1 Tenda | 2 W30e, W30e Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName. | |||||
| CVE-2023-51098 | 1 Tenda | 2 W9, W9 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo . | |||||
| CVE-2023-49047 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-05 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName. | |||||
| CVE-2023-49431 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. | |||||
| CVE-2023-45483 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. | |||||
| CVE-2023-51099 | 1 Tenda | 2 W9, W9 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand . | |||||
| CVE-2023-51090 | 1 Tenda | 2 M3, M3 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig. | |||||
| CVE-2023-49406 | 1 Tenda | 2 W30e, W30e Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet. | |||||
| CVE-2023-49999 | 1 Tenda | 2 W30e, W30e Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition. | |||||
| CVE-2023-50002 | 1 Tenda | 2 W30e, W30e Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode. | |||||
| CVE-2023-48110 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-05 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack | |||||
| CVE-2023-49402 | 1 Tenda | 2 W30e, W30e Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function localMsg. | |||||
| CVE-2023-49433 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetVirtualServerCfg. | |||||
| CVE-2023-49426 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-50001 | 1 Tenda | 2 W30e, W30e Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formUpgradeMeshOnline. | |||||
| CVE-2023-49042 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi. | |||||
| CVE-2023-49435 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 is vulnerable to command injection. | |||||
| CVE-2023-49424 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | |||||
| CVE-2023-49425 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg . | |||||