Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-40071 | 0.00 | — | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formSetDeviceName. | |||
| CVE-2022-40072 | 0.00 | — | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement. | |||
| CVE-2022-40073 | 0.00 | — | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo. | |||
| CVE-2022-40074 | 0.00 | — | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi. | |||
| CVE-2022-40075 | 0.00 | — | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set. | |||
| CVE-2022-40076 | 0.00 | — | 0.01 | Sep 19, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic. | |||
| CVE-2022-38829 | 0.00 | — | 0.01 | Sep 16, 2022 | Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg. | |||
| CVE-2022-38830 | 0.00 | — | 0.01 | Sep 16, 2022 | Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status. | |||
| CVE-2022-38831 | 0.00 | — | 0.01 | Sep 16, 2022 | Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList | |||
| CVE-2022-38326 | 0.00 | — | 0.01 | Sep 15, 2022 | Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. | |||
| CVE-2022-38325 | 0.00 | — | 0.01 | Sep 15, 2022 | Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. | |||
| CVE-2022-38313 | 0.00 | — | 0.01 | Sep 7, 2022 | Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo. | |||
| CVE-2022-38312 | 0.00 | — | 0.01 | Sep 7, 2022 | Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind. | |||
| CVE-2022-38311 | 0.00 | — | 0.01 | Sep 7, 2022 | Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet. | |||
| CVE-2022-38310 | 0.00 | — | 0.01 | Sep 7, 2022 | Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | |||
| CVE-2022-38309 | 0.00 | — | 0.01 | Sep 7, 2022 | Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | |||
| CVE-2022-38314 | 0.00 | — | 0.01 | Sep 7, 2022 | Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo. | |||
| CVE-2022-36571 | 0.00 | — | 0.01 | Aug 31, 2022 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting. | |||
| CVE-2022-36570 | 0.00 | — | 0.01 | Aug 31, 2022 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg. | |||
| CVE-2022-36569 | 0.00 | — | 0.01 | Aug 31, 2022 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg. | |||
| CVE-2022-36568 | 0.00 | — | 0.01 | Aug 31, 2022 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList. | |||
| CVE-2022-37176 | 0.00 | — | 0.01 | Aug 30, 2022 | Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard. | |||
| CVE-2022-36552 | 0.00 | — | 0.01 | Aug 30, 2022 | Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request. | |||
| CVE-2022-38510 | 0.00 | — | 0.00 | Aug 28, 2022 | Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList. | |||
| CVE-2022-38562 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter. | |||
| CVE-2022-38564 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter. | |||
| CVE-2022-38565 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter. | |||
| CVE-2022-38566 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter. | |||
| CVE-2022-38567 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter. | |||
| CVE-2022-38563 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter. | |||
| CVE-2022-38568 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter. | |||
| CVE-2022-38569 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd. | |||
| CVE-2022-38571 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem. | |||
| CVE-2022-38570 | 0.00 | — | 0.01 | Aug 28, 2022 | Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter. | |||
| CVE-2022-37292 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind. | |||
| CVE-2022-37822 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic. | |||
| CVE-2022-37816 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetIpMacBind. | |||
| CVE-2022-37820 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS. | |||
| CVE-2022-37814 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter. | |||
| CVE-2022-37824 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. | |||
| CVE-2022-37817 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind. | |||
| CVE-2022-37815 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex. | |||
| CVE-2022-37813 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime. | |||
| CVE-2022-37818 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. | |||
| CVE-2022-37809 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan. | |||
| CVE-2022-37808 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB. | |||
| CVE-2022-37823 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer. | |||
| CVE-2022-37821 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince. | |||
| CVE-2022-37819 | 0.00 | — | 0.00 | Aug 25, 2022 | Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime. | |||
| CVE-2022-37807 | 0.00 | — | 0.01 | Aug 25, 2022 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState. |
- CVE-2022-40071Sep 19, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formSetDeviceName.
- CVE-2022-40072Sep 19, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement.
- CVE-2022-40073Sep 19, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo.
- CVE-2022-40074Sep 19, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi.
- CVE-2022-40075Sep 19, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set.
- CVE-2022-40076Sep 19, 2022risk 0.00cvss —epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic.
- CVE-2022-38829Sep 16, 2022risk 0.00cvss —epss 0.01
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg.
- CVE-2022-38830Sep 16, 2022risk 0.00cvss —epss 0.01
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status.
- CVE-2022-38831Sep 16, 2022risk 0.00cvss —epss 0.01
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList
- CVE-2022-38326Sep 15, 2022risk 0.00cvss —epss 0.01
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
- CVE-2022-38325Sep 15, 2022risk 0.00cvss —epss 0.01
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
- CVE-2022-38313Sep 7, 2022risk 0.00cvss —epss 0.01
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo.
- CVE-2022-38312Sep 7, 2022risk 0.00cvss —epss 0.01
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.
- CVE-2022-38311Sep 7, 2022risk 0.00cvss —epss 0.01
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet.
- CVE-2022-38310Sep 7, 2022risk 0.00cvss —epss 0.01
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.
- CVE-2022-38309Sep 7, 2022risk 0.00cvss —epss 0.01
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
- CVE-2022-38314Sep 7, 2022risk 0.00cvss —epss 0.01
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo.
- CVE-2022-36571Aug 31, 2022risk 0.00cvss —epss 0.01
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
- CVE-2022-36570Aug 31, 2022risk 0.00cvss —epss 0.01
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
- CVE-2022-36569Aug 31, 2022risk 0.00cvss —epss 0.01
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
- CVE-2022-36568Aug 31, 2022risk 0.00cvss —epss 0.01
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
- CVE-2022-37176Aug 30, 2022risk 0.00cvss —epss 0.01
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
- CVE-2022-36552Aug 30, 2022risk 0.00cvss —epss 0.01
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.
- CVE-2022-38510Aug 28, 2022risk 0.00cvss —epss 0.00
Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList.
- CVE-2022-38562Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter.
- CVE-2022-38564Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter.
- CVE-2022-38565Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter.
- CVE-2022-38566Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter.
- CVE-2022-38567Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter.
- CVE-2022-38563Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter.
- CVE-2022-38568Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter.
- CVE-2022-38569Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd.
- CVE-2022-38571Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem.
- CVE-2022-38570Aug 28, 2022risk 0.00cvss —epss 0.01
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter.
- CVE-2022-37292Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.
- CVE-2022-37822Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.
- CVE-2022-37816Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetIpMacBind.
- CVE-2022-37820Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.
- CVE-2022-37814Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter.
- CVE-2022-37824Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
- CVE-2022-37817Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind.
- CVE-2022-37815Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex.
- CVE-2022-37813Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime.
- CVE-2022-37818Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
- CVE-2022-37809Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan.
- CVE-2022-37808Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB.
- CVE-2022-37823Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.
- CVE-2022-37821Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince.
- CVE-2022-37819Aug 25, 2022risk 0.00cvss —epss 0.00
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.
- CVE-2022-37807Aug 25, 2022risk 0.00cvss —epss 0.01
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState.
Page 37 of 41