VYPR

Vendor CVEs

Tenda

All CVEs

2,034 total · sorted by risk
  • CVE-2024-7584Aug 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack…

  • CVE-2024-7583Aug 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be…

  • CVE-2024-7582Aug 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The…

  • CVE-2024-7581Aug 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Tenda A301 15.13.08.12. This affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security leads to stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2024-41630Jul 31, 2024
    risk 0.00cvss epss 0.01

    Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set.

  • CVE-2024-33365Jul 29, 2024
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in Tenda AC10 v4 US_AC10V4.0si_V16.03.10.20_cn allows a remote attacker to execute arbitrary code via the Virtual_Data_Check function in the bin/httpd component.

  • CVE-2024-7152Jul 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated…

  • CVE-2024-7151Jul 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been declared as critical. This vulnerability affects the function fromMacFilterSet of the file /goform/setMacFilter. The manipulation of the argument remark leads to stack-based buffer overflow. The attack can be…

  • CVE-2024-41460Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic.

  • CVE-2024-41459Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex.

  • CVE-2024-41465Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm.

  • CVE-2024-41462Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.

  • CVE-2024-41464Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic

  • CVE-2024-41466Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.

  • CVE-2024-41461Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.

  • CVE-2024-41463Jul 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat.

  • CVE-2024-6965Jul 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda O3 1.0.0.10 and classified as critical. Affected by this vulnerability is the function fromVirtualSet. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. The attack can be launched remotely.…

  • CVE-2024-6964Jul 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.10. Affected is the function fromDhcpSetSer. The manipulation of the argument dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway leads to stack-based buffer overflow. It is possible to launch the attack…

  • CVE-2024-6963Jul 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. This issue affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been…

  • CVE-2024-6962Jul 21, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow. The attack can be initiated remotely. The…

  • CVE-2024-41492Jul 19, 2024
    risk 0.00cvss epss 0.01

    A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-40503Jul 16, 2024
    risk 0.00cvss epss 0.00

    An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.

  • CVE-2024-33182Jul 16, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.

  • CVE-2024-33181Jul 16, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter.

  • CVE-2024-33180Jul 16, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.

  • CVE-2024-35338Jul 16, 2024
    risk 0.00cvss epss 0.01

    Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.

  • CVE-2024-40415Jul 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

  • CVE-2024-40416Jul 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

  • CVE-2024-40414Jul 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

  • CVE-2024-40417Jul 10, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow.

  • CVE-2024-40412Jul 10, 2024
    risk 0.00cvss epss 0.00

    Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the sub_42E410 function.

  • CVE-2023-48194Jul 9, 2024
    risk 0.00cvss epss 0.01

    Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.

  • CVE-2024-6403Jun 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack…

  • CVE-2024-6402Jun 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be…

  • CVE-2024-6189Jun 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch…

  • CVE-2024-36604Jun 4, 2024
    risk 0.00cvss epss 0.02

    Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges.

  • CVE-2024-35340May 24, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.

  • CVE-2024-35339May 24, 2024
    risk 0.00cvss epss 0.02

    Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.

  • CVE-2024-35578May 20, 2024
    risk 0.00cvss epss 0.00

    Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.

  • CVE-2024-35576May 20, 2024
    risk 0.00cvss epss 0.00

    Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.

  • CVE-2024-35579May 20, 2024
    risk 0.00cvss epss 0.00

    Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.

  • CVE-2024-35580May 20, 2024
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.

  • CVE-2024-35571May 20, 2024
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.

  • CVE-2024-34942May 10, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.

  • CVE-2024-34943May 10, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.

  • CVE-2024-34945May 10, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle.

  • CVE-2024-34944May 10, 2024
    risk 0.00cvss epss 0.00

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.

  • CVE-2024-34946May 10, 2024
    risk 0.00cvss epss 0.01

    Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.

  • CVE-2024-34974May 10, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.

  • CVE-2024-34338May 9, 2024
    risk 0.00cvss epss 0.03

    Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to…

Page 21 of 41