VYPR

Vendor CVEs

Tenda

All CVEs

2,034 total · sorted by risk
  • CVE-2024-2817Mar 22, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched…

  • CVE-2024-2816Mar 22, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The…

  • CVE-2024-2815Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It…

  • CVE-2024-2814Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated…

  • CVE-2024-2813Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The…

  • CVE-2024-2812Mar 22, 2024
    risk 0.00cvss epss 0.04

    A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the…

  • CVE-2024-2811Mar 22, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched…

  • CVE-2024-2810Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The…

  • CVE-2024-2809Mar 22, 2024
    risk 0.00cvss epss 0.02

    A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible…

  • CVE-2024-2808Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The…

  • CVE-2024-2807Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack…

  • CVE-2024-2806Mar 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is…

  • CVE-2024-2805Mar 22, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been rated as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack…

  • CVE-2024-2764Mar 21, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.48. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument endIP leads to stack-based buffer overflow. It is possible to initiate the…

  • CVE-2024-2763Mar 21, 2024
    risk 0.00cvss epss 0.02

    A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.48. Affected by this issue is the function formSetCfm of the file goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched…

  • CVE-2024-2711Mar 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC10U 15.03.06.48. It has been rated as critical. Affected by this issue is the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceMac leads to stack-based buffer overflow. The attack may be…

  • CVE-2024-2710Mar 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC10U 15.03.06.49. It has been declared as critical. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. The attack…

  • CVE-2024-2709Mar 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC10U 15.03.06.49. It has been classified as critical. Affected is the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the…

  • CVE-2024-2708Mar 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC10U 15.03.06.49 and classified as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely.…

  • CVE-2024-2707Mar 20, 2024
    risk 0.00cvss epss 0.05

    A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated…

  • CVE-2024-2706Mar 20, 2024
    risk 0.00cvss epss 0.02

    A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49. This affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the…

  • CVE-2024-2705Mar 20, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda AC10U 1.0/15.03.06.49. Affected by this issue is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack…

  • CVE-2024-2704Mar 20, 2024
    risk 0.00cvss epss 0.02

    A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49. Affected by this vulnerability is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be…

  • CVE-2024-2703Mar 20, 2024
    risk 0.00cvss epss 0.02

    A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49. Affected is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack…

  • CVE-2024-2581Mar 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated…

  • CVE-2024-28550Mar 18, 2024
    risk 0.00cvss epss 0.00

    Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function.

  • CVE-2024-28537Mar 18, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.

  • CVE-2024-28547Mar 18, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn parameter of formSetFirewallCfg function.

  • CVE-2024-2560Mar 17, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely.…

  • CVE-2024-2559Mar 17, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has…

  • CVE-2024-2558Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated…

  • CVE-2024-2547Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been…

  • CVE-2024-2546Mar 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely.…

  • CVE-2024-2490Mar 15, 2024
    risk 0.00cvss epss 0.02

    A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The…

  • CVE-2024-2489Mar 15, 2024
    risk 0.00cvss epss 0.02

    A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack…

  • CVE-2024-2488Mar 15, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads to stack-based buffer overflow. The attack may be initiated…

  • CVE-2024-2487Mar 15, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack…

  • CVE-2024-2486Mar 15, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the…

  • CVE-2024-2485Mar 15, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched…

  • CVE-2024-28383Mar 14, 2024
    risk 0.00cvss epss 0.01

    Tenda AX12 v1.0 v22.03.01.16 was discovered to contain a stack overflow via the ssid parameter in the sub_431CF0 function.

  • CVE-2024-28535Mar 12, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function.

  • CVE-2024-28553Mar 12, 2024
    risk 0.00cvss epss 0.01

    Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function.

  • CVE-2024-25751Feb 26, 2024
    risk 0.00cvss epss 0.01

    A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetSysTime function.

  • CVE-2024-25753Feb 22, 2024
    risk 0.00cvss epss 0.01

    Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function.

  • CVE-2024-25746Feb 22, 2024
    risk 0.00cvss epss 0.00

    Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the add_white_node function.

  • CVE-2024-25756Feb 22, 2024
    risk 0.00cvss epss 0.01

    A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formWifiBasicSet function.

  • CVE-2024-25748Feb 22, 2024
    risk 0.00cvss epss 0.01

    A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function.

  • CVE-2023-24332Feb 21, 2024
    risk 0.00cvss epss 0.01

    A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.

  • CVE-2023-24333Feb 21, 2024
    risk 0.00cvss epss 0.00

    A stack overflow vulnerability in Tenda AC21 with firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/openSchedWifi.

  • CVE-2023-24334Feb 21, 2024
    risk 0.00cvss epss 0.00

    A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.

Page 26 of 41