Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57582 | 0.00 | — | 0.01 | Jan 16, 2025 | Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. | |||
| CVE-2024-46450 | 0.00 | — | 0.00 | Jan 16, 2025 | Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request. | |||
| CVE-2024-57580 | 0.00 | — | 0.01 | Jan 16, 2025 | Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | |||
| CVE-2024-57704 | 0.00 | — | 0.00 | Jan 16, 2025 | Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. | |||
| CVE-2024-57483 | 0.00 | — | 0.01 | Jan 14, 2025 | Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. | |||
| CVE-2025-22946 | 0.00 | — | 0.01 | Jan 10, 2025 | Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution. | |||
| CVE-2025-0349 | 0.00 | — | 0.02 | Jan 9, 2025 | A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the… | |||
| CVE-2024-36831 | 0.00 | — | 0.01 | Dec 17, 2024 | A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication. | |||
| CVE-2024-52275 | 0.00 | — | 0.01 | Dec 4, 2024 | Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50. | |||
| CVE-2024-52274 | 0.00 | — | 0.00 | Dec 4, 2024 | Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||
| CVE-2024-52273 | 0.00 | — | 0.00 | Dec 4, 2024 | Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||
| CVE-2024-52272 | 0.00 | — | 0.00 | Dec 4, 2024 | Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||
| CVE-2024-12002 | 0.00 | — | 0.01 | Nov 30, 2024 | A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer… | |||
| CVE-2024-11745 | 0.00 | — | 0.01 | Nov 26, 2024 | A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched… | |||
| CVE-2024-11650 | 0.00 | — | 0.01 | Nov 25, 2024 | A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to… | |||
| CVE-2024-52789 | 0.00 | — | 0.00 | Nov 19, 2024 | Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | |||
| CVE-2024-52788 | 0.00 | — | 0.00 | Nov 19, 2024 | Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | |||
| CVE-2024-52714 | 0.00 | — | 0.01 | Nov 19, 2024 | Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime. | |||
| CVE-2024-11248 | 0.00 | — | 0.01 | Nov 15, 2024 | A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be… | |||
| CVE-2024-11061 | 0.00 | — | 0.01 | Nov 11, 2024 | A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be… | |||
| CVE-2024-11056 | 0.00 | — | 0.01 | Nov 10, 2024 | A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the… | |||
| CVE-2024-51409 | 0.00 | — | 0.00 | Nov 6, 2024 | Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware. | |||
| CVE-2024-51116 | 0.00 | — | 0.00 | Nov 5, 2024 | Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'. | |||
| CVE-2024-10750 | 0.00 | — | 0.01 | Nov 4, 2024 | A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer… | |||
| CVE-2024-10698 | 0.00 | — | 0.01 | Nov 2, 2024 | A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched… | |||
| CVE-2024-10662 | 0.00 | — | 0.01 | Nov 1, 2024 | A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated… | |||
| CVE-2024-10661 | 0.00 | — | 0.01 | Nov 1, 2024 | A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated… | |||
| CVE-2024-10434 | 0.00 | — | 0.01 | Oct 28, 2024 | A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is… | |||
| CVE-2024-48826 | 0.00 | — | 0.02 | Oct 28, 2024 | Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. | |||
| CVE-2024-48825 | 0.00 | — | 0.02 | Oct 28, 2024 | Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. | |||
| CVE-2024-10351 | 0.00 | — | 0.01 | Oct 24, 2024 | A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer… | |||
| CVE-2024-10283 | 0.00 | — | 0.01 | Oct 23, 2024 | A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack… | |||
| CVE-2024-10282 | 0.00 | — | 0.01 | Oct 23, 2024 | A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The… | |||
| CVE-2024-10281 | 0.00 | — | 0.01 | Oct 23, 2024 | A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch… | |||
| CVE-2024-10280 | 0.00 | — | 0.01 | Oct 23, 2024 | A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to… | |||
| CVE-2024-10130 | 0.00 | — | 0.01 | Oct 18, 2024 | A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be… | |||
| CVE-2024-10123 | 0.00 | — | 0.01 | Oct 18, 2024 | A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compare_parentcontrol_time of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.… | |||
| CVE-2024-46652 | 0.00 | — | 0.01 | Sep 20, 2024 | Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. | |||
| CVE-2024-46047 | 0.00 | — | 0.01 | Sep 13, 2024 | Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. | |||
| CVE-2024-46049 | 0.00 | — | 0.01 | Sep 13, 2024 | Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function. | |||
| CVE-2024-46046 | 0.00 | — | 0.01 | Sep 13, 2024 | Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. | |||
| CVE-2024-46045 | 0.00 | — | 0.01 | Sep 13, 2024 | Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function. | |||
| CVE-2024-44859 | 0.00 | — | 0.01 | Sep 4, 2024 | Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`. | |||
| CVE-2024-8231 | 0.00 | — | 0.01 | Aug 28, 2024 | A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to… | |||
| CVE-2024-8230 | 0.00 | — | 0.01 | Aug 28, 2024 | A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. The attack may… | |||
| CVE-2024-8229 | 0.00 | — | 0.01 | Aug 28, 2024 | A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been declared as critical. This vulnerability affects the function frommacFilterModify of the file /goform/operateMacFilter. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be… | |||
| CVE-2024-8228 | 0.00 | — | 0.01 | Aug 28, 2024 | A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. It is possible to… | |||
| CVE-2024-8227 | 0.00 | — | 0.01 | Aug 28, 2024 | A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to… | |||
| CVE-2024-8226 | 0.00 | — | 0.01 | Aug 27, 2024 | A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched… | |||
| CVE-2024-44556 | 0.00 | — | 0.00 | Aug 26, 2024 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. |
- CVE-2024-57582Jan 16, 2025risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function.
- CVE-2024-46450Jan 16, 2025risk 0.00cvss —epss 0.00
Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request.
- CVE-2024-57580Jan 16, 2025risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
- CVE-2024-57704Jan 16, 2025risk 0.00cvss —epss 0.00
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow.
- CVE-2024-57483Jan 14, 2025risk 0.00cvss —epss 0.01
Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function.
- CVE-2025-22946Jan 10, 2025risk 0.00cvss —epss 0.01
Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution.
- CVE-2025-0349Jan 9, 2025risk 0.00cvss —epss 0.02
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the…
- CVE-2024-36831Dec 17, 2024risk 0.00cvss —epss 0.01
A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication.
- CVE-2024-52275Dec 4, 2024risk 0.00cvss —epss 0.01
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50.
- CVE-2024-52274Dec 4, 2024risk 0.00cvss —epss 0.00
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
- CVE-2024-52273Dec 4, 2024risk 0.00cvss —epss 0.00
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
- CVE-2024-52272Dec 4, 2024risk 0.00cvss —epss 0.00
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
- CVE-2024-12002Nov 30, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer…
- CVE-2024-11745Nov 26, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched…
- CVE-2024-11650Nov 25, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to…
- CVE-2024-52789Nov 19, 2024risk 0.00cvss —epss 0.00
Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.
- CVE-2024-52788Nov 19, 2024risk 0.00cvss —epss 0.00
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.
- CVE-2024-52714Nov 19, 2024risk 0.00cvss —epss 0.01
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime.
- CVE-2024-11248Nov 15, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be…
- CVE-2024-11061Nov 11, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be…
- CVE-2024-11056Nov 10, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the…
- CVE-2024-51409Nov 6, 2024risk 0.00cvss —epss 0.00
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware.
- CVE-2024-51116Nov 5, 2024risk 0.00cvss —epss 0.00
Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'.
- CVE-2024-10750Nov 4, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer…
- CVE-2024-10698Nov 2, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched…
- CVE-2024-10662Nov 1, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated…
- CVE-2024-10661Nov 1, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated…
- CVE-2024-10434Oct 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is…
- CVE-2024-48826Oct 28, 2024risk 0.00cvss —epss 0.02
Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
- CVE-2024-48825Oct 28, 2024risk 0.00cvss —epss 0.02
Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
- CVE-2024-10351Oct 24, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer…
- CVE-2024-10283Oct 23, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack…
- CVE-2024-10282Oct 23, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The…
- CVE-2024-10281Oct 23, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch…
- CVE-2024-10280Oct 23, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to…
- CVE-2024-10130Oct 18, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be…
- CVE-2024-10123Oct 18, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compare_parentcontrol_time of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.…
- CVE-2024-46652Sep 20, 2024risk 0.00cvss —epss 0.01
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
- CVE-2024-46047Sep 13, 2024risk 0.00cvss —epss 0.01
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
- CVE-2024-46049Sep 13, 2024risk 0.00cvss —epss 0.01
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.
- CVE-2024-46046Sep 13, 2024risk 0.00cvss —epss 0.01
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
- CVE-2024-46045Sep 13, 2024risk 0.00cvss —epss 0.01
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
- CVE-2024-44859Sep 4, 2024risk 0.00cvss —epss 0.01
Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.
- CVE-2024-8231Aug 28, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to…
- CVE-2024-8230Aug 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. The attack may…
- CVE-2024-8229Aug 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been declared as critical. This vulnerability affects the function frommacFilterModify of the file /goform/operateMacFilter. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be…
- CVE-2024-8228Aug 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. It is possible to…
- CVE-2024-8227Aug 28, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to…
- CVE-2024-8226Aug 27, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in Tenda O1 1.0.0.7(10648) and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched…
- CVE-2024-44556Aug 26, 2024risk 0.00cvss —epss 0.00
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
Page 19 of 41