Filtered by vendor Tendacn
Subscribe
Total
130 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45645 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function. | |||||
| CVE-2020-24987 | 1 Tendacn | 2 Ac18, Ac18 Firmware | 2022-11-07 | 6.8 MEDIUM | 9.8 CRITICAL |
| Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface is set to "radius". | |||||
| CVE-2020-22079 | 1 Tendacn | 4 Ac10u, Ac10u Firmware, Ac9 and 1 more | 2022-10-26 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg. | |||||
| CVE-2022-40853 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2022-09-23 | N/A | 9.8 CRITICAL |
| Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set | |||||
| CVE-2022-40860 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2022-09-23 | N/A | 9.8 CRITICAL |
| Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList | |||||
| CVE-2022-40862 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
| Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting | |||||
| CVE-2022-40864 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
| Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet | |||||
| CVE-2022-40865 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
| Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/ | |||||
| CVE-2022-40869 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-23 | N/A | 9.8 CRITICAL |
| Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). | |||||
| CVE-2022-38325 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-19 | N/A | 9.8 CRITICAL |
| Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. | |||||
| CVE-2022-38326 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2022-09-19 | N/A | 9.8 CRITICAL |
| Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. | |||||
| CVE-2020-20746 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2022-09-14 | 6.5 MEDIUM | 7.2 HIGH |
| A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | |||||
| CVE-2022-36233 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2022-08-21 | N/A | 5.5 MEDIUM |
| Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. | |||||
| CVE-2022-32386 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-14 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan. | |||||
| CVE-2022-32384 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 5.8 MEDIUM | 8.8 HIGH |
| Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet. | |||||
| CVE-2022-32383 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function. | |||||
| CVE-2022-32385 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote). | |||||
| CVE-2021-45987 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the hostName parameter. | |||||
| CVE-2021-45986 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary commands via the usbOrdinaryUserName parameter. | |||||
| CVE-2019-5071 | 1 Tendacn | 2 Ac1200 Smart Dual-band Gigabit Wifi, Ac9v1.0 Firmware | 2022-06-21 | 7.2 HIGH | 7.8 HIGH |
| An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | |||||