AC23
by Tenda
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-32386 | Cri | 0.65 | 9.8 | 0.11 | Jul 6, 2022 | Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan. | ||
| CVE-2023-40799 | Cri | 0.64 | 9.8 | 0.01 | Aug 25, 2023 | Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. | ||
| CVE-2022-43108 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | ||
| CVE-2022-43107 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function. | ||
| CVE-2022-43106 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function. | ||
| CVE-2022-43105 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | ||
| CVE-2022-43104 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | ||
| CVE-2022-43103 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function. | ||
| CVE-2022-43102 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | ||
| CVE-2022-43101 | Cri | 0.64 | 9.8 | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | ||
| CVE-2022-32385 | Cri | 0.64 | 9.8 | 0.02 | Jul 6, 2022 | Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote). | ||
| CVE-2022-32383 | Cri | 0.64 | 9.8 | 0.01 | Jul 6, 2022 | Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function. | ||
| CVE-2025-8060 | Hig | 0.57 | 8.8 | 0.01 | Jul 23, 2025 | A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by this vulnerability is the function sub_46C940 of the file /goform/setMacFilterCfg of the component httpd. The manipulation of the argument deviceList leads to stack-based buffer… | ||
| CVE-2023-40798 | Hig | 0.57 | 8.8 | 0.01 | Aug 25, 2023 | In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. | ||
| CVE-2023-40797 | Hig | 0.57 | 8.8 | 0.01 | Aug 25, 2023 | In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. | ||
| CVE-2023-40801 | Hig | 0.57 | 8.8 | 0.01 | Aug 25, 2023 | The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn | ||
| CVE-2023-40800 | Hig | 0.57 | 8.8 | 0.01 | Aug 25, 2023 | The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | ||
| CVE-2022-32384 | Hig | 0.57 | 8.8 | 0.01 | Jul 1, 2022 | Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet. | ||
| CVE-2023-24334 | Hig | 0.52 | 8.0 | 0.00 | Feb 21, 2024 | A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter. | ||
| CVE-2023-2649 | Hig | 0.48 | 7.2 | 0.10 | May 11, 2023 | A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated… |
- risk 0.65cvss 9.8epss 0.11
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
- risk 0.64cvss 9.8epss 0.02
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
- risk 0.64cvss 9.8epss 0.01
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by this vulnerability is the function sub_46C940 of the file /goform/setMacFilterCfg of the component httpd. The manipulation of the argument deviceList leads to stack-based buffer…
- risk 0.57cvss 8.8epss 0.01
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
- risk 0.57cvss 8.8epss 0.01
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.
- risk 0.57cvss 8.8epss 0.01
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn
- risk 0.57cvss 8.8epss 0.01
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
- risk 0.57cvss 8.8epss 0.01
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
- risk 0.52cvss 8.0epss 0.00
A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.
- risk 0.48cvss 7.2epss 0.10
A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated…
Page 1 of 2