G3
by Enterasys
CVEs (53)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-46628 | 0.01 | — | 0.11 | Sep 26, 2024 | Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. | |||
| CVE-2022-24165 | 0.01 | — | 0.03 | Feb 4, 2022 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter. | |||
| CVE-2022-24170 | 0.01 | — | 0.03 | Feb 4, 2022 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters. | |||
| CVE-2022-24171 | 0.01 | — | 0.03 | Feb 4, 2022 | Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP… | |||
| CVE-2025-57070 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57061 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57060 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57063 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57069 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57072 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57058 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57071 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57062 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57057 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57059 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57064 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2025-57078 | 0.00 | — | 0.00 | Sep 9, 2025 | Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2024-50854 | 0.00 | — | 0.01 | Nov 13, 2024 | Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. | |||
| CVE-2024-50853 | 0.00 | — | 0.02 | Nov 13, 2024 | Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. | |||
| CVE-2024-50852 | 0.00 | — | 0.02 | Nov 13, 2024 | Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. |
- CVE-2024-46628Sep 26, 2024risk 0.01cvss —epss 0.11
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
- CVE-2022-24165Feb 4, 2022risk 0.01cvss —epss 0.03
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter.
- CVE-2022-24170Feb 4, 2022risk 0.01cvss —epss 0.03
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters.
- CVE-2022-24171Feb 4, 2022risk 0.01cvss —epss 0.03
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP…
- CVE-2025-57070Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57061Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57060Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57063Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57069Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57072Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57058Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57071Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57062Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57057Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57059Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57064Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2025-57078Sep 9, 2025risk 0.00cvss —epss 0.00
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2024-50854Nov 13, 2024risk 0.00cvss —epss 0.01
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function.
- CVE-2024-50853Nov 13, 2024risk 0.00cvss —epss 0.02
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function.
- CVE-2024-50852Nov 13, 2024risk 0.00cvss —epss 0.02
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function.
Page 1 of 3