VYPR

Vendor CVEs

Tenda

All CVEs

2,034 total · sorted by risk
  • CVE-2023-49411Dec 7, 2023
    risk 0.00cvss epss 0.01

    Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode.

  • CVE-2023-49436Dec 7, 2023
    risk 0.00cvss epss 0.02

    Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList.

  • CVE-2023-48963Nov 30, 2023
    risk 0.00cvss epss 0.01

    Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget.

  • CVE-2023-48964Nov 30, 2023
    risk 0.00cvss epss 0.01

    Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet.

  • CVE-2023-45484Nov 29, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.

  • CVE-2023-45479Nov 29, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.

  • CVE-2023-45483Nov 29, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.

  • CVE-2023-45482Nov 29, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.

  • CVE-2023-45481Nov 29, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.

  • CVE-2023-45480Nov 29, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.

  • CVE-2023-49044Nov 27, 2023
    risk 0.00cvss epss 0.01

    Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.

  • CVE-2023-49046Nov 27, 2023
    risk 0.00cvss epss 0.01

    Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule.

  • CVE-2023-49047Nov 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName.

  • CVE-2023-49042Nov 27, 2023
    risk 0.00cvss epss 0.01

    Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi.

  • CVE-2023-48111Nov 20, 2023
    risk 0.00cvss epss 0.01

    Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack

  • CVE-2023-48109Nov 20, 2023
    risk 0.00cvss epss 0.01

    Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack

  • CVE-2023-48110Nov 20, 2023
    risk 0.00cvss epss 0.01

    Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack

  • CVE-2023-38823Nov 20, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.

  • CVE-2022-45781Nov 14, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName.

  • CVE-2023-43886Nov 7, 2023
    risk 0.00cvss epss 0.01

    A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.

  • CVE-2023-43885Nov 7, 2023
    risk 0.00cvss epss 0.01

    Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.

  • CVE-2023-47455Nov 7, 2023
    risk 0.00cvss epss 0.01

    Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.

  • CVE-2023-47456Nov 7, 2023
    risk 0.00cvss epss 0.01

    Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.

  • CVE-2023-46518Oct 25, 2023
    risk 0.00cvss epss 0.02

    Mercury A15 V1.0 20230818_1.0.3 was discovered to contain a command execution vulnerability via the component cloudDeviceTokenSuccCB.

  • CVE-2023-46369Oct 24, 2023
    risk 0.00cvss epss 0.01

    Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function.

  • CVE-2023-40830Oct 3, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.

  • CVE-2023-44014Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.

  • CVE-2023-44018Sep 27, 2023
    risk 0.00cvss epss 0.15

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.

  • CVE-2023-44022Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

  • CVE-2023-44016Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

  • CVE-2023-44013Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.

  • CVE-2023-44021Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function.

  • CVE-2023-44023Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

  • CVE-2023-44015Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.

  • CVE-2023-44019Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.

  • CVE-2023-44020Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.

  • CVE-2023-44017Sep 27, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.

  • CVE-2023-42320Sep 18, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.

  • CVE-2023-40942Sep 7, 2023
    risk 0.00cvss epss 0.01

    Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg.

  • CVE-2023-4498Sep 6, 2023
    risk 0.00cvss epss 0.00

    Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only

  • CVE-2021-40546Sep 5, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.

  • CVE-2023-4744Sep 3, 2023
    risk 0.00cvss epss 0.02

    A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been…

  • CVE-2023-40837Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute…

  • CVE-2023-41555Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter security_5g at url /goform/WifiBasicSet.

  • CVE-2023-41556Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind.

  • CVE-2023-40845Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.

  • CVE-2023-41559Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.

  • CVE-2023-40844Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'

  • CVE-2023-41554Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.

  • CVE-2023-40848Aug 30, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."

Page 29 of 41