AX1806
by Tenda
CVEs (65)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4239 | Hig | 0.57 | 8.8 | 0.01 | Apr 26, 2024 | A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be… | ||
| CVE-2024-4238 | Hig | 0.57 | 8.8 | 0.01 | Apr 26, 2024 | A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this vulnerability is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can… | ||
| CVE-2024-4237 | Hig | 0.57 | 8.8 | 0.01 | Apr 26, 2024 | A vulnerability, which was classified as critical, was found in Tenda AX1806 1.0.0.1. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the… | ||
| CVE-2022-28572 | Hig | 0.57 | 8.8 | 0.03 | May 2, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function | ||
| CVE-2024-35578 | Hig | 0.52 | 8.0 | 0.00 | May 20, 2024 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv. | ||
| CVE-2024-35579 | Hig | 0.50 | 7.7 | 0.00 | May 20, 2024 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv. | ||
| CVE-2022-25546 | Hig | 0.50 | 7.5 | 0.12 | Mar 10, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter. | ||
| CVE-2025-63457 | Hig | 0.49 | 7.5 | 0.00 | Nov 10, 2025 | Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||
| CVE-2025-63456 | Hig | 0.49 | 7.5 | 0.00 | Nov 10, 2025 | Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||
| CVE-2025-63458 | Hig | 0.49 | 7.5 | 0.00 | Oct 31, 2025 | Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||
| CVE-2024-41492 | Hig | 0.49 | 7.5 | 0.01 | Jul 19, 2024 | A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2022-32033 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer. | ||
| CVE-2022-32031 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic. | ||
| CVE-2022-32030 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand. | ||
| CVE-2022-28973 | Hig | 0.49 | 7.5 | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2022-28972 | Hig | 0.49 | 7.5 | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2022-28971 | Hig | 0.49 | 7.5 | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2022-28970 | Hig | 0.49 | 7.5 | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2022-28969 | Hig | 0.49 | 7.5 | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2022-25566 | Hig | 0.49 | 7.5 | 0.01 | Mar 10, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. |
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be…
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this vulnerability is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can…
- risk 0.57cvss 8.8epss 0.01
A vulnerability, which was classified as critical, was found in Tenda AX1806 1.0.0.1. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the…
- risk 0.57cvss 8.8epss 0.03
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
- risk 0.52cvss 8.0epss 0.00
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.
- risk 0.50cvss 7.7epss 0.00
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.
- risk 0.50cvss 7.5epss 0.12
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter.
- risk 0.49cvss 7.5epss 0.00
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- risk 0.49cvss 7.5epss 0.00
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- risk 0.49cvss 7.5epss 0.00
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- risk 0.49cvss 7.5epss 0.01
A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.49cvss 7.5epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
Page 2 of 4