Filtered by vendor Tenda
Subscribe
Total
741 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38934 | 1 Tenda | 6 F1203, F1203 Firmware, Fh1203 and 3 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | |||||
| CVE-2023-38932 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | |||||
| CVE-2023-38930 | 1 Tenda | 10 Ac5, Ac5 Firmware, Ac7 and 7 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | |||||
| CVE-2023-38929 | 1 Tenda | 2 4g300, 4g300 Firmware | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. | |||||
| CVE-2022-40845 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-08-08 | N/A | 6.5 MEDIUM |
| The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have. | |||||
| CVE-2022-40843 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-08-08 | N/A | 4.9 MEDIUM |
| The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account. | |||||
| CVE-2022-45977 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2023-08-08 | N/A | 8.8 HIGH |
| Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function. | |||||
| CVE-2022-45996 | 1 Tenda | 2 W15e, W20e Firmware | 2023-08-08 | N/A | 7.2 HIGH |
| Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output. | |||||
| CVE-2022-25441 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | |||||
| CVE-2022-35555 | 1 Tenda | 2 W6, W6 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution. | |||||
| CVE-2022-36273 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. | |||||
| CVE-2022-32041 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData. | |||||
| CVE-2022-28556 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971 | |||||
| CVE-2022-25428 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. | |||||
| CVE-2022-27081 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo. | |||||
| CVE-2022-32043 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo. | |||||
| CVE-2022-25431 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. | |||||
| CVE-2022-32039 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient. | |||||
| CVE-2022-32037 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg. | |||||
| CVE-2022-27082 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo. | |||||