VYPR

Vendor CVEs

Tenda

All CVEs

2,034 total · sorted by risk
  • CVE-2022-28970May 6, 2022
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).

  • CVE-2022-28969May 6, 2022
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).

  • CVE-2022-28556May 4, 2022
    risk 0.00cvss epss 0.01

    Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in…

  • CVE-2022-28082May 4, 2022
    risk 0.00cvss epss 0.09

    Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.

  • CVE-2022-28561May 3, 2022
    risk 0.00cvss epss 0.10

    There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload

  • CVE-2022-28560May 3, 2022
    risk 0.00cvss epss 0.02

    There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload

  • CVE-2022-27374Apr 25, 2022
    risk 0.00cvss epss 0.00

    Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.

  • CVE-2022-27375Apr 25, 2022
    risk 0.00cvss epss 0.00

    Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.

  • CVE-2022-27022Apr 7, 2022
    risk 0.00cvss epss 0.02

    There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload.

  • CVE-2022-27016Apr 7, 2022
    risk 0.00cvss epss 0.02

    There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.

  • CVE-2022-26278Mar 28, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.

  • CVE-2022-26243Mar 23, 2022
    risk 0.00cvss epss 0.01

    Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.

  • CVE-2021-38772Mar 23, 2022
    risk 0.00cvss epss 0.01

    Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

  • CVE-2021-38278Mar 23, 2022
    risk 0.00cvss epss 0.01

    Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.

  • CVE-2022-25460Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function.

  • CVE-2022-25461Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function.

  • CVE-2022-25459Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function.

  • CVE-2022-25458Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function.

  • CVE-2022-25457Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.

  • CVE-2022-25456Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function.

  • CVE-2022-25455Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.

  • CVE-2022-25454Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function.

  • CVE-2022-25453Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the saveParentControlInfo function.

  • CVE-2022-25452Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function.

  • CVE-2022-25451Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function.

  • CVE-2022-25450Mar 18, 2022
    risk 0.00cvss epss 0.12

    Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.

  • CVE-2022-25449Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.

  • CVE-2022-25448Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function.

  • CVE-2022-25446Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedstarttime parameter in the openSchedWifi function.

  • CVE-2022-25447Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.

  • CVE-2022-25445Mar 18, 2022
    risk 0.00cvss epss 0.09

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.

  • CVE-2022-25440Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.

  • CVE-2022-25439Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.

  • CVE-2022-25437Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.

  • CVE-2022-25435Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.

  • CVE-2022-25434Mar 18, 2022
    risk 0.00cvss epss 0.09

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.

  • CVE-2022-25433Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.

  • CVE-2022-25428Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.

  • CVE-2022-25431Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.

  • CVE-2022-25429Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.

  • CVE-2022-25427Mar 18, 2022
    risk 0.00cvss epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.

  • CVE-2022-24995Mar 9, 2022
    risk 0.00cvss epss 0.14

    Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.

  • CVE-2021-46408Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter.

  • CVE-2022-25566Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.

  • CVE-2022-25560Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.

  • CVE-2022-25561Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.

  • CVE-2022-25557Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter.

  • CVE-2022-25558Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.

  • CVE-2022-25556Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.

  • CVE-2022-25555Mar 9, 2022
    risk 0.00cvss epss 0.01

    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter.