Filtered by vendor Tenda
Subscribe
Total
746 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38933 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | |||||
| CVE-2023-38931 | 1 Tenda | 16 Ac10, Ac10 Firmware, Ac1206 and 13 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. | |||||
| CVE-2023-38940 | 1 Tenda | 6 F1203, F1203 Firmware, Fh1203 and 3 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2023-38939 | 1 Tenda | 4 F1202, F1202 Firmware, Fh1202 and 1 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1202 V1.2.0.9 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the mit_ssid parameter in the formWrlsafeset function. | |||||
| CVE-2023-38938 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im. | |||||
| CVE-2023-38934 | 1 Tenda | 6 F1203, F1203 Firmware, Fh1203 and 3 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | |||||
| CVE-2023-38932 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | |||||
| CVE-2023-38930 | 1 Tenda | 10 Ac5, Ac5 Firmware, Ac7 and 7 more | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | |||||
| CVE-2023-38929 | 1 Tenda | 2 4g300, 4g300 Firmware | 2023-08-09 | N/A | 9.8 CRITICAL |
| Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. | |||||
| CVE-2022-40845 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-08-08 | N/A | 6.5 MEDIUM |
| The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have. | |||||
| CVE-2022-40843 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-08-08 | N/A | 4.9 MEDIUM |
| The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account. | |||||
| CVE-2022-25441 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | |||||
| CVE-2022-45506 | 1 Tenda | 2 W30e, W30e Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName. | |||||
| CVE-2022-25438 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. | |||||
| CVE-2022-28556 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971 | |||||
| CVE-2022-27079 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setPicListItem. | |||||
| CVE-2022-45996 | 1 Tenda | 2 W15e, W20e Firmware | 2023-08-08 | N/A | 7.2 HIGH |
| Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output. | |||||
| CVE-2022-32030 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand. | |||||
| CVE-2022-25431 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. | |||||
| CVE-2022-32039 | 1 Tenda | 2 M3, M3 Firmware | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient. | |||||