VYPR

Vendor CVEs

Tenda

All CVEs

2,034 total · sorted by risk
  • CVE-2023-38933Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.

  • CVE-2023-38935Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.

  • CVE-2023-38937Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the…

  • CVE-2023-38940Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

  • CVE-2023-38929Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer.

  • CVE-2023-38938Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im.

  • CVE-2023-38932Aug 7, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function.

  • CVE-2023-37715Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function frmL7ProtForm.

  • CVE-2023-37723Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.

  • CVE-2023-37722Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter.

  • CVE-2023-37718Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter.

  • CVE-2023-37717Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.

  • CVE-2023-37714Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic.

  • CVE-2023-37719Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter.

  • CVE-2023-37716Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.

  • CVE-2023-37721Jul 14, 2023
    risk 0.00cvss epss 0.01

    Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter.

  • CVE-2023-37700Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

  • CVE-2023-37703Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

  • CVE-2023-37704Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.

  • CVE-2023-37712Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function.

  • CVE-2023-37705Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromAddressNat function.

  • CVE-2023-37701Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

  • CVE-2023-37702Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.

  • CVE-2023-37706Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the entrys parameter in the fromAddressNat function.

  • CVE-2023-37710Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

  • CVE-2023-37707Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.

  • CVE-2023-37711Jul 10, 2023
    risk 0.00cvss epss 0.01

    Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function.

  • CVE-2023-37144Jul 7, 2023
    risk 0.00cvss epss 0.02

    Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.

  • CVE-2022-40010Jun 26, 2023
    risk 0.00cvss epss 0.00

    Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.

  • CVE-2023-34570Jun 8, 2023
    risk 0.00cvss epss 0.00

    Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.

  • CVE-2023-34567Jun 8, 2023
    risk 0.00cvss epss 0.00

    Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.

  • CVE-2023-34571Jun 8, 2023
    risk 0.00cvss epss 0.00

    Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.

  • CVE-2023-34568Jun 8, 2023
    risk 0.00cvss epss 0.00

    Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.

  • CVE-2023-34566Jun 8, 2023
    risk 0.00cvss epss 0.01

    Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo.

  • CVE-2023-34569Jun 8, 2023
    risk 0.00cvss epss 0.00

    Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.

  • CVE-2023-33672Jun 2, 2023
    risk 0.00cvss epss 0.01

    Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.

  • CVE-2023-33673Jun 2, 2023
    risk 0.00cvss epss 0.01

    Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.

  • CVE-2023-33671Jun 2, 2023
    risk 0.00cvss epss 0.01

    Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.

  • CVE-2023-33675Jun 2, 2023
    risk 0.00cvss epss 0.01

    Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function.

  • CVE-2023-33670Jun 2, 2023
    risk 0.00cvss epss 0.01

    Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.

  • CVE-2023-2923May 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed…

  • CVE-2023-31587May 16, 2023
    risk 0.00cvss epss 0.02

    Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.

  • CVE-2023-30352May 10, 2023
    risk 0.00cvss epss 0.01

    Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed.

  • CVE-2023-30353May 10, 2023
    risk 0.00cvss epss 0.01

    Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.

  • CVE-2023-30354May 10, 2023
    risk 0.00cvss epss 0.00

    Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.

  • CVE-2023-30356May 10, 2023
    risk 0.00cvss epss 0.00

    Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware

  • CVE-2023-30351May 10, 2023
    risk 0.00cvss epss 0.00

    Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.

  • CVE-2023-29681May 1, 2023
    risk 0.00cvss epss 0.00

    Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.

  • CVE-2023-29680May 1, 2023
    risk 0.00cvss epss 0.00

    Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.

  • CVE-2023-30370Apr 24, 2023
    risk 0.00cvss epss 0.01

    In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.

Page 31 of 41