i12
by Tenda
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5609 | Hig | 0.57 | 8.8 | 0.01 | Apr 6, 2026 | A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wl_radio causes stack-based buffer overflow. It is… | ||
| CVE-2026-4043 | Hig | 0.57 | 8.8 | 0.01 | Mar 12, 2026 | A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The… | ||
| CVE-2026-4042 | Hig | 0.57 | 8.8 | 0.01 | Mar 12, 2026 | A weakness has been identified in Tenda i12 1.0.0.6(2204). The affected element is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. This manipulation of the argument index causes stack-based buffer overflow. The attack may be initiated remotely. The… | ||
| CVE-2026-4041 | Hig | 0.57 | 8.8 | 0.01 | Mar 12, 2026 | A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been… | ||
| CVE-2026-5849 | Hig | 0.47 | 7.3 | 0.01 | Apr 9, 2026 | A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be… | ||
| CVE-2025-29149 | 0.00 | — | 0.00 | Mar 20, 2025 | Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function. | |||
| CVE-2025-1881 | 0.00 | — | 0.00 | Mar 3, 2025 | A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can… | |||
| CVE-2025-1880 | 0.00 | — | 0.00 | Mar 3, 2025 | A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as problematic. Affected is an unknown function of the component Device Pairing. The manipulation leads to authentication bypass by primary weakness. It is possible to launch the attack on… | |||
| CVE-2025-1879 | 0.00 | — | 0.00 | Mar 3, 2025 | A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was… | |||
| CVE-2025-1878 | 0.00 | — | 0.00 | Mar 3, 2025 | A vulnerability has been found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This vulnerability affects unknown code of the component WiFi. The manipulation leads to use of default password. Access to the local network is required for this attack to… | |||
| CVE-2025-25678 | 0.00 | — | 0.00 | Feb 20, 2025 | Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. | |||
| CVE-2025-25676 | 0.00 | — | 0.00 | Feb 20, 2025 | Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | |||
| CVE-2025-25679 | 0.00 | — | 0.00 | Feb 20, 2025 | Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. |
- risk 0.57cvss 8.8epss 0.01
A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wl_radio causes stack-based buffer overflow. It is…
- risk 0.57cvss 8.8epss 0.01
A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The…
- risk 0.57cvss 8.8epss 0.01
A weakness has been identified in Tenda i12 1.0.0.6(2204). The affected element is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. This manipulation of the argument index causes stack-based buffer overflow. The attack may be initiated remotely. The…
- risk 0.57cvss 8.8epss 0.01
A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.01
A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be…
- CVE-2025-29149Mar 20, 2025risk 0.00cvss —epss 0.00
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.
- CVE-2025-1881Mar 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can…
- CVE-2025-1880Mar 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as problematic. Affected is an unknown function of the component Device Pairing. The manipulation leads to authentication bypass by primary weakness. It is possible to launch the attack on…
- CVE-2025-1879Mar 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was…
- CVE-2025-1878Mar 3, 2025risk 0.00cvss —epss 0.00
A vulnerability has been found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This vulnerability affects unknown code of the component WiFi. The manipulation leads to use of default password. Access to the local network is required for this attack to…
- CVE-2025-25678Feb 20, 2025risk 0.00cvss —epss 0.00
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.
- CVE-2025-25676Feb 20, 2025risk 0.00cvss —epss 0.00
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.
- CVE-2025-25679Feb 20, 2025risk 0.00cvss —epss 0.00
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.