Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-28970 | 0.00 | — | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||
| CVE-2022-28969 | 0.00 | — | 0.01 | May 6, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS). | |||
| CVE-2022-28556 | 0.00 | — | 0.01 | May 4, 2022 | Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in… | |||
| CVE-2022-28082 | 0.00 | — | 0.09 | May 4, 2022 | Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList. | |||
| CVE-2022-28561 | 0.00 | — | 0.10 | May 3, 2022 | There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||
| CVE-2022-28560 | 0.00 | — | 0.02 | May 3, 2022 | There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||
| CVE-2022-27374 | 0.00 | — | 0.00 | Apr 25, 2022 | Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot. | |||
| CVE-2022-27375 | 0.00 | — | 0.00 | Apr 25, 2022 | Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet. | |||
| CVE-2022-27022 | 0.00 | — | 0.02 | Apr 7, 2022 | There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload. | |||
| CVE-2022-27016 | 0.00 | — | 0.02 | Apr 7, 2022 | There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn. | |||
| CVE-2022-26278 | 0.00 | — | 0.02 | Mar 28, 2022 | Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. | |||
| CVE-2022-26243 | 0.00 | — | 0.01 | Mar 23, 2022 | Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function. | |||
| CVE-2021-38772 | 0.00 | — | 0.01 | Mar 23, 2022 | Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||
| CVE-2021-38278 | 0.00 | — | 0.01 | Mar 23, 2022 | Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function. | |||
| CVE-2022-25460 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function. | |||
| CVE-2022-25461 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function. | |||
| CVE-2022-25459 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function. | |||
| CVE-2022-25458 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function. | |||
| CVE-2022-25457 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. | |||
| CVE-2022-25456 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function. | |||
| CVE-2022-25455 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. | |||
| CVE-2022-25454 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function. | |||
| CVE-2022-25453 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the saveParentControlInfo function. | |||
| CVE-2022-25452 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function. | |||
| CVE-2022-25451 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function. | |||
| CVE-2022-25450 | 0.00 | — | 0.12 | Mar 18, 2022 | Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | |||
| CVE-2022-25449 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | |||
| CVE-2022-25448 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function. | |||
| CVE-2022-25446 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedstarttime parameter in the openSchedWifi function. | |||
| CVE-2022-25447 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. | |||
| CVE-2022-25445 | 0.00 | — | 0.09 | Mar 18, 2022 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. | |||
| CVE-2022-25440 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. | |||
| CVE-2022-25439 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. | |||
| CVE-2022-25437 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | |||
| CVE-2022-25435 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. | |||
| CVE-2022-25434 | 0.00 | — | 0.09 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function. | |||
| CVE-2022-25433 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function. | |||
| CVE-2022-25428 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. | |||
| CVE-2022-25431 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. | |||
| CVE-2022-25429 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. | |||
| CVE-2022-25427 | 0.00 | — | 0.02 | Mar 18, 2022 | Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. | |||
| CVE-2022-24995 | 0.00 | — | 0.14 | Mar 9, 2022 | Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | |||
| CVE-2021-46408 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter. | |||
| CVE-2022-25566 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | |||
| CVE-2022-25560 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||
| CVE-2022-25561 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||
| CVE-2022-25557 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter. | |||
| CVE-2022-25558 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter. | |||
| CVE-2022-25556 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||
| CVE-2022-25555 | 0.00 | — | 0.01 | Mar 9, 2022 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter. |
- CVE-2022-28970May 6, 2022risk 0.00cvss —epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).
- CVE-2022-28969May 6, 2022risk 0.00cvss —epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).
- CVE-2022-28556May 4, 2022risk 0.00cvss —epss 0.01
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in…
- CVE-2022-28082May 4, 2022risk 0.00cvss —epss 0.09
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.
- CVE-2022-28561May 3, 2022risk 0.00cvss —epss 0.10
There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
- CVE-2022-28560May 3, 2022risk 0.00cvss —epss 0.02
There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
- CVE-2022-27374Apr 25, 2022risk 0.00cvss —epss 0.00
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.
- CVE-2022-27375Apr 25, 2022risk 0.00cvss —epss 0.00
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.
- CVE-2022-27022Apr 7, 2022risk 0.00cvss —epss 0.02
There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload.
- CVE-2022-27016Apr 7, 2022risk 0.00cvss —epss 0.02
There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.
- CVE-2022-26278Mar 28, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
- CVE-2022-26243Mar 23, 2022risk 0.00cvss —epss 0.01
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.
- CVE-2021-38772Mar 23, 2022risk 0.00cvss —epss 0.01
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
- CVE-2021-38278Mar 23, 2022risk 0.00cvss —epss 0.01
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.
- CVE-2022-25460Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function.
- CVE-2022-25461Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function.
- CVE-2022-25459Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function.
- CVE-2022-25458Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function.
- CVE-2022-25457Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
- CVE-2022-25456Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function.
- CVE-2022-25455Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
- CVE-2022-25454Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function.
- CVE-2022-25453Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the saveParentControlInfo function.
- CVE-2022-25452Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the URLs parameter in the saveParentControlInfo function.
- CVE-2022-25451Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function.
- CVE-2022-25450Mar 18, 2022risk 0.00cvss —epss 0.12
Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
- CVE-2022-25449Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.
- CVE-2022-25448Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function.
- CVE-2022-25446Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedstarttime parameter in the openSchedWifi function.
- CVE-2022-25447Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
- CVE-2022-25445Mar 18, 2022risk 0.00cvss —epss 0.09
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
- CVE-2022-25440Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
- CVE-2022-25439Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
- CVE-2022-25437Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
- CVE-2022-25435Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
- CVE-2022-25434Mar 18, 2022risk 0.00cvss —epss 0.09
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.
- CVE-2022-25433Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
- CVE-2022-25428Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
- CVE-2022-25431Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
- CVE-2022-25429Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
- CVE-2022-25427Mar 18, 2022risk 0.00cvss —epss 0.02
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
- CVE-2022-24995Mar 9, 2022risk 0.00cvss —epss 0.14
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
- CVE-2021-46408Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter.
- CVE-2022-25566Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
- CVE-2022-25560Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
- CVE-2022-25561Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
- CVE-2022-25557Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter.
- CVE-2022-25558Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.
- CVE-2022-25556Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
- CVE-2022-25555Mar 9, 2022risk 0.00cvss —epss 0.01
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter.
Page 39 of 41