VYPR

i9

by Tenda

CVEs (11)

  • CVE-2022-40100CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function.

  • CVE-2022-40107HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2022-40106HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2022-40105HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2022-40104HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2022-40102HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2022-40101HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2026-7036HigApr 26, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly…

  • CVE-2024-0996HigJan 29, 2024
    risk 0.47cvss 7.2epss 0.02

    A vulnerability classified as critical has been found in Tenda i9 1.0.0.9(4122). This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate…

  • CVE-2022-40103MedSep 23, 2022
    risk 0.36cvss 5.5epss 0.00

    Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2024-11650Nov 25, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to…