Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-38933 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | |||
| CVE-2023-38935 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. | |||
| CVE-2023-38937 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the… | |||
| CVE-2023-38940 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||
| CVE-2023-38929 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. | |||
| CVE-2023-38938 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im. | |||
| CVE-2023-38932 | 0.00 | — | 0.01 | Aug 7, 2023 | Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | |||
| CVE-2023-37715 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function frmL7ProtForm. | |||
| CVE-2023-37723 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting. | |||
| CVE-2023-37722 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter. | |||
| CVE-2023-37718 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter. | |||
| CVE-2023-37717 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient. | |||
| CVE-2023-37714 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic. | |||
| CVE-2023-37719 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter. | |||
| CVE-2023-37716 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting. | |||
| CVE-2023-37721 | 0.00 | — | 0.01 | Jul 14, 2023 | Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter. | |||
| CVE-2023-37700 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||
| CVE-2023-37703 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||
| CVE-2023-37704 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | |||
| CVE-2023-37712 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function. | |||
| CVE-2023-37705 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromAddressNat function. | |||
| CVE-2023-37701 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | |||
| CVE-2023-37702 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | |||
| CVE-2023-37706 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the entrys parameter in the fromAddressNat function. | |||
| CVE-2023-37710 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | |||
| CVE-2023-37707 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. | |||
| CVE-2023-37711 | 0.00 | — | 0.01 | Jul 10, 2023 | Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function. | |||
| CVE-2023-37144 | 0.00 | — | 0.02 | Jul 7, 2023 | Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | |||
| CVE-2022-40010 | 0.00 | — | 0.00 | Jun 26, 2023 | Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module. | |||
| CVE-2023-34570 | 0.00 | — | 0.00 | Jun 8, 2023 | Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. | |||
| CVE-2023-34567 | 0.00 | — | 0.00 | Jun 8, 2023 | Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | |||
| CVE-2023-34571 | 0.00 | — | 0.00 | Jun 8, 2023 | Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet. | |||
| CVE-2023-34568 | 0.00 | — | 0.00 | Jun 8, 2023 | Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | |||
| CVE-2023-34566 | 0.00 | — | 0.01 | Jun 8, 2023 | Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo. | |||
| CVE-2023-34569 | 0.00 | — | 0.00 | Jun 8, 2023 | Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | |||
| CVE-2023-33672 | 0.00 | — | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | |||
| CVE-2023-33673 | 0.00 | — | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | |||
| CVE-2023-33671 | 0.00 | — | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | |||
| CVE-2023-33675 | 0.00 | — | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function. | |||
| CVE-2023-33670 | 0.00 | — | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function. | |||
| CVE-2023-2923 | 0.00 | — | 0.01 | May 27, 2023 | A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed… | |||
| CVE-2023-31587 | 0.00 | — | 0.02 | May 16, 2023 | Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | |||
| CVE-2023-30352 | 0.00 | — | 0.01 | May 10, 2023 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. | |||
| CVE-2023-30353 | 0.00 | — | 0.01 | May 10, 2023 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. | |||
| CVE-2023-30354 | 0.00 | — | 0.00 | May 10, 2023 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access. | |||
| CVE-2023-30356 | 0.00 | — | 0.00 | May 10, 2023 | Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware | |||
| CVE-2023-30351 | 0.00 | — | 0.00 | May 10, 2023 | Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials. | |||
| CVE-2023-29681 | 0.00 | — | 0.00 | May 1, 2023 | Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | |||
| CVE-2023-29680 | 0.00 | — | 0.00 | May 1, 2023 | Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | |||
| CVE-2023-30370 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. |
- CVE-2023-38933Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
- CVE-2023-38935Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.
- CVE-2023-38937Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the…
- CVE-2023-38940Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
- CVE-2023-38929Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer.
- CVE-2023-38938Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im.
- CVE-2023-38932Aug 7, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function.
- CVE-2023-37715Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function frmL7ProtForm.
- CVE-2023-37723Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.
- CVE-2023-37722Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter.
- CVE-2023-37718Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter.
- CVE-2023-37717Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.
- CVE-2023-37714Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic.
- CVE-2023-37719Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter.
- CVE-2023-37716Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.
- CVE-2023-37721Jul 14, 2023risk 0.00cvss —epss 0.01
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter.
- CVE-2023-37700Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
- CVE-2023-37703Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
- CVE-2023-37704Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
- CVE-2023-37712Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function.
- CVE-2023-37705Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromAddressNat function.
- CVE-2023-37701Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
- CVE-2023-37702Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.
- CVE-2023-37706Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the entrys parameter in the fromAddressNat function.
- CVE-2023-37710Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
- CVE-2023-37707Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.
- CVE-2023-37711Jul 10, 2023risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function.
- CVE-2023-37144Jul 7, 2023risk 0.00cvss —epss 0.02
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
- CVE-2022-40010Jun 26, 2023risk 0.00cvss —epss 0.00
Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.
- CVE-2023-34570Jun 8, 2023risk 0.00cvss —epss 0.00
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.
- CVE-2023-34567Jun 8, 2023risk 0.00cvss —epss 0.00
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.
- CVE-2023-34571Jun 8, 2023risk 0.00cvss —epss 0.00
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.
- CVE-2023-34568Jun 8, 2023risk 0.00cvss —epss 0.00
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.
- CVE-2023-34566Jun 8, 2023risk 0.00cvss —epss 0.01
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo.
- CVE-2023-34569Jun 8, 2023risk 0.00cvss —epss 0.00
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.
- CVE-2023-33672Jun 2, 2023risk 0.00cvss —epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
- CVE-2023-33673Jun 2, 2023risk 0.00cvss —epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
- CVE-2023-33671Jun 2, 2023risk 0.00cvss —epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.
- CVE-2023-33675Jun 2, 2023risk 0.00cvss —epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function.
- CVE-2023-33670Jun 2, 2023risk 0.00cvss —epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.
- CVE-2023-2923May 27, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed…
- CVE-2023-31587May 16, 2023risk 0.00cvss —epss 0.02
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
- CVE-2023-30352May 10, 2023risk 0.00cvss —epss 0.01
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed.
- CVE-2023-30353May 10, 2023risk 0.00cvss —epss 0.01
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.
- CVE-2023-30354May 10, 2023risk 0.00cvss —epss 0.00
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.
- CVE-2023-30356May 10, 2023risk 0.00cvss —epss 0.00
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware
- CVE-2023-30351May 10, 2023risk 0.00cvss —epss 0.00
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.
- CVE-2023-29681May 1, 2023risk 0.00cvss —epss 0.00
Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.
- CVE-2023-29680May 1, 2023risk 0.00cvss —epss 0.00
Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password.
- CVE-2023-30370Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.
Page 31 of 41