Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-30376 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||
| CVE-2023-30373 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||
| CVE-2023-30378 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. | |||
| CVE-2023-30372 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. | |||
| CVE-2023-30375 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. | |||
| CVE-2023-30368 | 0.00 | — | 0.01 | Apr 24, 2023 | Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. | |||
| CVE-2023-30371 | 0.00 | — | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | |||
| CVE-2023-30369 | 0.00 | — | 0.01 | Apr 24, 2023 | Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | |||
| CVE-2023-27076 | 0.00 | — | 0.23 | Apr 10, 2023 | Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter. | |||
| CVE-2023-25214 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27014 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25211 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25217 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25218 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27015 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25215 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27016 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27012 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27017 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45DC58 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27013 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25213 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25216 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25219 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25210 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27021 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27018 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27019 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_458FBC function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25220 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27020 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-25212 | 0.00 | — | 0.01 | Apr 7, 2023 | Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||
| CVE-2023-27042 | 0.00 | — | 0.01 | Mar 24, 2023 | Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/SetFirewallCfg. | |||
| CVE-2023-27079 | 0.00 | — | 0.02 | Mar 23, 2023 | Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package | |||
| CVE-2023-26805 | 0.00 | — | 0.01 | Mar 19, 2023 | Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify. | |||
| CVE-2023-26806 | 0.00 | — | 0.01 | Mar 19, 2023 | Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime, | |||
| CVE-2023-27239 | 0.00 | — | 0.01 | Mar 15, 2023 | Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet. | |||
| CVE-2023-27240 | 0.00 | — | 0.03 | Mar 15, 2023 | Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip. | |||
| CVE-2023-27064 | 0.00 | — | 0.01 | Mar 13, 2023 | Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2023-27065 | 0.00 | — | 0.01 | Mar 13, 2023 | Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2023-27063 | 0.00 | — | 0.01 | Mar 13, 2023 | Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2023-27061 | 0.00 | — | 0.01 | Mar 13, 2023 | Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2023-27062 | 0.00 | — | 0.01 | Mar 13, 2023 | Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||
| CVE-2023-23080 | 0.00 | — | 0.02 | Feb 27, 2023 | Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS… | |||
| CVE-2023-25233 | 0.00 | — | 0.01 | Feb 27, 2023 | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||
| CVE-2023-25235 | 0.00 | — | 0.11 | Feb 27, 2023 | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid. | |||
| CVE-2023-25231 | 0.00 | — | 0.01 | Feb 27, 2023 | Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||
| CVE-2023-24212 | 0.00 | — | 0.01 | Feb 23, 2023 | Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg. | |||
| CVE-2023-0782 | 0.00 | — | 0.01 | Feb 11, 2023 | A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit… | |||
| CVE-2022-48130 | 0.00 | — | 0.01 | Feb 2, 2023 | Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN. | |||
| CVE-2023-24164 | 0.00 | — | 0.01 | Jan 26, 2023 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318. | |||
| CVE-2023-24165 | 0.00 | — | 0.01 | Jan 26, 2023 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo. |
- CVE-2023-30376Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.
- CVE-2023-30373Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.
- CVE-2023-30378Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.
- CVE-2023-30372Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.
- CVE-2023-30375Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.
- CVE-2023-30368Apr 24, 2023risk 0.00cvss —epss 0.01
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.
- CVE-2023-30371Apr 24, 2023risk 0.00cvss —epss 0.01
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.
- CVE-2023-30369Apr 24, 2023risk 0.00cvss —epss 0.01
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.
- CVE-2023-27076Apr 10, 2023risk 0.00cvss —epss 0.23
Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.
- CVE-2023-25214Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27014Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25211Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25217Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25218Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27015Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25215Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27016Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27012Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27017Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45DC58 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27013Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25213Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25216Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25219Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25210Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27021Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27018Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27019Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_458FBC function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25220Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27020Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-25212Apr 7, 2023risk 0.00cvss —epss 0.01
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
- CVE-2023-27042Mar 24, 2023risk 0.00cvss —epss 0.01
Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/SetFirewallCfg.
- CVE-2023-27079Mar 23, 2023risk 0.00cvss —epss 0.02
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package
- CVE-2023-26805Mar 19, 2023risk 0.00cvss —epss 0.01
Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify.
- CVE-2023-26806Mar 19, 2023risk 0.00cvss —epss 0.01
Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime,
- CVE-2023-27239Mar 15, 2023risk 0.00cvss —epss 0.01
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet.
- CVE-2023-27240Mar 15, 2023risk 0.00cvss —epss 0.03
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip.
- CVE-2023-27064Mar 13, 2023risk 0.00cvss —epss 0.01
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2023-27065Mar 13, 2023risk 0.00cvss —epss 0.01
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2023-27063Mar 13, 2023risk 0.00cvss —epss 0.01
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2023-27061Mar 13, 2023risk 0.00cvss —epss 0.01
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2023-27062Mar 13, 2023risk 0.00cvss —epss 0.01
Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CVE-2023-23080Feb 27, 2023risk 0.00cvss —epss 0.02
Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS…
- CVE-2023-25233Feb 27, 2023risk 0.00cvss —epss 0.01
Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface.
- CVE-2023-25235Feb 27, 2023risk 0.00cvss —epss 0.11
Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid.
- CVE-2023-25231Feb 27, 2023risk 0.00cvss —epss 0.01
Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface.
- CVE-2023-24212Feb 23, 2023risk 0.00cvss —epss 0.01
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg.
- CVE-2023-0782Feb 11, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit…
- CVE-2022-48130Feb 2, 2023risk 0.00cvss —epss 0.01
Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN.
- CVE-2023-24164Jan 26, 2023risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318.
- CVE-2023-24165Jan 26, 2023risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo.
Page 32 of 41