Filtered by vendor Tenda Subscriptions
Total 921 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-50852 2 Tenda, Tendacn 3 G3, G3, G3 Firmware 2024-11-21 8.8 High
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function.
CVE-2024-50853 2 Tenda, Tendacn 3 G3, G3, G3 Firmware 2024-11-21 8.8 High
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function.
CVE-2024-52714 1 Tenda 3 Ac6, Ac6 Firmware, Ac6v2.0 Firmware 2024-11-20 8.1 High
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime.
CVE-2024-11248 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-19 8.8 High
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-50854 2 Tenda, Tendacn 3 G3, G3, G3 Firmware 2024-11-15 8.8 High
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function.
CVE-2023-51960 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-14 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
CVE-2023-51968 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-14 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function getIptvInfo.
CVE-2024-11056 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-14 8.8 High
A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-11061 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-13 8.8 High
A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-37144 2 Tenda, Tendacn 2 Ac10, Ac10 Firmware 2024-11-13 9.8 Critical
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
CVE-2024-0994 1 Tenda 2 W6, W6 Firmware 2024-11-12 7.2 High
A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been declared as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252259. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-37700 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
CVE-2023-37701 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
CVE-2023-37702 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.
CVE-2023-37704 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
CVE-2023-37706 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the entrys parameter in the fromAddressNat function.
CVE-2023-37707 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.
CVE-2023-37710 1 Tenda 4 Ac10, Ac10 Firmware, Ac1206 and 1 more 2024-11-12 9.8 Critical
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
CVE-2023-37711 1 Tenda 4 Ac10, Ac10 Firmware, Ac1206 and 1 more 2024-11-12 9.8 Critical
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function.
CVE-2023-37703 1 Tenda 2 Fh1203, Fh1203 Firmware 2024-11-12 9.8 Critical
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.