Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38823 | 1 Tenda | 8 Ac18, Ac18 Firmware, Ac19 and 5 more | 2024-07-29 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | |||||
| CVE-2023-2923 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-05-17 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-38936 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
| CVE-2023-38931 | 1 Tenda | 16 Ac10, Ac10 Firmware, Ac1206 and 13 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. | |||||
| CVE-2023-38933 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | |||||
| CVE-2023-38937 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. | |||||
| CVE-2022-40010 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | N/A | 5.4 MEDIUM |
| Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module. | |||||
| CVE-2022-41483 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-41480 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-41485 | 1 Tenda | 3 Ac6, Ac6 Firmware, Ac6v2.0 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-41482 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-41481 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-25446 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedstarttime parameter in the openSchedWifi function. | |||||
| CVE-2022-25459 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function. | |||||
| CVE-2022-25454 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function. | |||||
| CVE-2022-25458 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function. | |||||
| CVE-2022-25445 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. | |||||
| CVE-2022-25449 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | |||||
| CVE-2022-25456 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function. | |||||
| CVE-2022-25450 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | |||||