Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-45657 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||
| CVE-2022-45667 | 0.00 | — | 0.00 | Dec 2, 2022 | Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | |||
| CVE-2022-45661 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function. | |||
| CVE-2022-45653 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. | |||
| CVE-2022-45664 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function. | |||
| CVE-2022-45668 | 0.00 | — | 0.00 | Dec 2, 2022 | Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | |||
| CVE-2022-45651 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function. | |||
| CVE-2022-45645 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function. | |||
| CVE-2022-45659 | 0.00 | — | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | |||
| CVE-2022-45640 | 0.00 | — | 0.01 | Dec 1, 2022 | Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local). | |||
| CVE-2022-45337 | 0.00 | — | 0.01 | Nov 30, 2022 | Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind. | |||
| CVE-2022-44174 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName. | |||
| CVE-2022-44158 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function via set_device_name. | |||
| CVE-2022-44168 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic.. | |||
| CVE-2022-44167 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer. | |||
| CVE-2022-44156 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind. | |||
| CVE-2022-44183 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic. | |||
| CVE-2022-44176 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic. | |||
| CVE-2022-44169 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. | |||
| CVE-2022-44163 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function formSetMacFilterCfg. | |||
| CVE-2022-44171 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set. | |||
| CVE-2022-44175 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg. | |||
| CVE-2022-44178 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB. | |||
| CVE-2022-44180 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter. | |||
| CVE-2022-44177 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart. | |||
| CVE-2022-44172 | 0.00 | — | 0.01 | Nov 21, 2022 | Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler. | |||
| CVE-2022-42053 | 0.00 | — | 0.01 | Nov 15, 2022 | Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the PortMappingServer parameter in the setPortMapping function. | |||
| CVE-2022-40845 | 0.00 | — | 0.01 | Nov 15, 2022 | The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information… | |||
| CVE-2022-40846 | 0.00 | — | 0.01 | Nov 15, 2022 | In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) vulnerability exists allowing an attacker to execute JavaScript code via the applications stored hostname. | |||
| CVE-2022-40844 | 0.00 | — | 0.01 | Nov 15, 2022 | In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) issue exists allowing an attacker to execute JavaScript code via the applications website filtering tab, specifically the URL body. | |||
| CVE-2022-40847 | 0.00 | — | 0.01 | Nov 15, 2022 | In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter. | |||
| CVE-2022-41396 | 0.00 | — | 0.01 | Nov 15, 2022 | Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters. | |||
| CVE-2022-41395 | 0.00 | — | 0.01 | Nov 15, 2022 | Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function. | |||
| CVE-2022-42058 | 0.00 | — | 0.01 | Nov 15, 2022 | Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setRemoteWebManage function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||
| CVE-2022-43102 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | |||
| CVE-2022-43106 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function. | |||
| CVE-2022-43107 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function. | |||
| CVE-2022-43108 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | |||
| CVE-2022-43103 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function. | |||
| CVE-2022-43105 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | |||
| CVE-2022-43101 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | |||
| CVE-2022-43104 | 0.00 | — | 0.01 | Nov 3, 2022 | Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | |||
| CVE-2022-40875 | 0.00 | — | 0.01 | Oct 27, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo. | |||
| CVE-2022-40876 | 0.00 | — | 0.02 | Oct 27, 2022 | In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE). | |||
| CVE-2022-40874 | 0.00 | — | 0.01 | Oct 27, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request. | |||
| CVE-2022-43024 | 0.00 | — | 0.01 | Oct 19, 2022 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | |||
| CVE-2022-43025 | 0.00 | — | 0.01 | Oct 19, 2022 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg. | |||
| CVE-2022-43029 | 0.00 | — | 0.01 | Oct 19, 2022 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg. | |||
| CVE-2022-43027 | 0.00 | — | 0.01 | Oct 19, 2022 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg. | |||
| CVE-2022-43028 | 0.00 | — | 0.01 | Oct 19, 2022 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg. |
- CVE-2022-45657Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
- CVE-2022-45667Dec 2, 2022risk 0.00cvss —epss 0.00
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
- CVE-2022-45661Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.
- CVE-2022-45653Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.
- CVE-2022-45664Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.
- CVE-2022-45668Dec 2, 2022risk 0.00cvss —epss 0.00
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
- CVE-2022-45651Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.
- CVE-2022-45645Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.
- CVE-2022-45659Dec 2, 2022risk 0.00cvss —epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
- CVE-2022-45640Dec 1, 2022risk 0.00cvss —epss 0.01
Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local).
- CVE-2022-45337Nov 30, 2022risk 0.00cvss —epss 0.01
Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.
- CVE-2022-44174Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.
- CVE-2022-44158Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function via set_device_name.
- CVE-2022-44168Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic..
- CVE-2022-44167Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer.
- CVE-2022-44156Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind.
- CVE-2022-44183Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.
- CVE-2022-44176Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.
- CVE-2022-44169Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer.
- CVE-2022-44163Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
- CVE-2022-44171Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.
- CVE-2022-44175Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
- CVE-2022-44178Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.
- CVE-2022-44180Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.
- CVE-2022-44177Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.
- CVE-2022-44172Nov 21, 2022risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.
- CVE-2022-42053Nov 15, 2022risk 0.00cvss —epss 0.01
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the PortMappingServer parameter in the setPortMapping function.
- CVE-2022-40845Nov 15, 2022risk 0.00cvss —epss 0.01
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information…
- CVE-2022-40846Nov 15, 2022risk 0.00cvss —epss 0.01
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) vulnerability exists allowing an attacker to execute JavaScript code via the applications stored hostname.
- CVE-2022-40844Nov 15, 2022risk 0.00cvss —epss 0.01
In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) issue exists allowing an attacker to execute JavaScript code via the applications website filtering tab, specifically the URL body.
- CVE-2022-40847Nov 15, 2022risk 0.00cvss —epss 0.01
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.
- CVE-2022-41396Nov 15, 2022risk 0.00cvss —epss 0.01
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters.
- CVE-2022-41395Nov 15, 2022risk 0.00cvss —epss 0.01
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function.
- CVE-2022-42058Nov 15, 2022risk 0.00cvss —epss 0.01
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setRemoteWebManage function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
- CVE-2022-43102Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
- CVE-2022-43106Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.
- CVE-2022-43107Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.
- CVE-2022-43108Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
- CVE-2022-43103Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.
- CVE-2022-43105Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
- CVE-2022-43101Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
- CVE-2022-43104Nov 3, 2022risk 0.00cvss —epss 0.01
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
- CVE-2022-40875Oct 27, 2022risk 0.00cvss —epss 0.01
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.
- CVE-2022-40876Oct 27, 2022risk 0.00cvss —epss 0.02
In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE).
- CVE-2022-40874Oct 27, 2022risk 0.00cvss —epss 0.01
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request.
- CVE-2022-43024Oct 19, 2022risk 0.00cvss —epss 0.01
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
- CVE-2022-43025Oct 19, 2022risk 0.00cvss —epss 0.01
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg.
- CVE-2022-43029Oct 19, 2022risk 0.00cvss —epss 0.01
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg.
- CVE-2022-43027Oct 19, 2022risk 0.00cvss —epss 0.01
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg.
- CVE-2022-43028Oct 19, 2022risk 0.00cvss —epss 0.01
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg.
Page 35 of 41