Filtered by vendor Tendacn Subscriptions
Total 145 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-46628 2 Tenda, Tendacn 3 G3 Firmware, G3, G3 Firmware 2024-10-04 8 High
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
CVE-2023-40942 2 Tenda, Tendacn 3 Ac9v3.0br, Ac9, Ac9 Firmware 2024-09-26 9.8 Critical
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg.
CVE-2023-44019 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
CVE-2023-44018 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.
CVE-2023-44017 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
CVE-2023-44016 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
CVE-2023-44015 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.
CVE-2023-44014 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.
CVE-2023-44013 2 Tenda, Tendacn 3 Ac10u Firmware, Ac10u, Ac10u Firmware 2024-09-25 8.8 High
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.
CVE-2023-44020 2 Tenda, Tendacn 3 Ac10u, Ac10u, Ac10u Firmware 2024-09-24 9.8 Critical
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.
CVE-2023-44021 2 Tenda, Tendacn 3 Ac10u, Ac10u, Ac10u Firmware 2024-09-24 9.8 Critical
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function.
CVE-2023-44022 2 Tenda, Tendacn 3 Ac10u, Ac10u, Ac10u Firmware 2024-09-24 9.8 Critical
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
CVE-2023-44023 2 Tenda, Tendacn 3 Ac10u, Ac10u, Ac10u Firmware 2024-09-24 9.8 Critical
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
CVE-2017-9138 1 Tendacn 6 F1200, F1200 Firmware, F1202 and 3 more 2024-09-17 N/A
There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering shell commands that change this router's username and password.
CVE-2017-9139 1 Tendacn 6 F1200, F1200 Firmware, F1202 and 3 more 2024-09-16 N/A
There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.
CVE-2018-14492 1 Tendacn 10 Ac10, Ac10 Firmware, Ac15 and 7 more 2024-09-16 N/A
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-20373 1 Tendacn 2 Adsl, Adsl Firmware 2024-09-16 N/A
Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.
CVE-2024-0930 1 Tendacn 2 Ac10u, Ac10u Firmware 2024-09-12 4.7 Medium
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-6402 1 Tendacn 2 A301, A301 Firmware 2024-08-30 6.5 Medium
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269947. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-6403 1 Tendacn 2 A301, A301 Firmware 2024-08-30 6.5 Medium
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269948. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.