Filtered by vendor Tendacn
Subscriptions
Total
149 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-50852 | 2 Tenda, Tendacn | 3 G3, G3, G3 Firmware | 2024-11-21 | 8.8 High |
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. | ||||
CVE-2024-50853 | 2 Tenda, Tendacn | 3 G3, G3, G3 Firmware | 2024-11-21 | 8.8 High |
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. | ||||
CVE-2024-50854 | 2 Tenda, Tendacn | 3 G3, G3, G3 Firmware | 2024-11-15 | 8.8 High |
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. | ||||
CVE-2024-0535 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2024-11-14 | 8.8 High |
A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250705 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-0932 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-13 | 4.7 Medium |
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252137 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2023-37144 | 2 Tenda, Tendacn | 2 Ac10, Ac10 Firmware | 2024-11-13 | 9.8 Critical |
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | ||||
CVE-2024-6189 | 1 Tendacn | 2 A301, A301 Firmware | 2024-11-01 | 8.8 High |
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-41461 | 2 Tenda, Tendacn | 3 Fh1201, Fh1201, Fh1201 Firmware | 2024-10-25 | 9.8 Critical |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. | ||||
CVE-2024-46628 | 2 Tenda, Tendacn | 3 G3 Firmware, G3, G3 Firmware | 2024-10-04 | 8 High |
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. | ||||
CVE-2023-40942 | 2 Tenda, Tendacn | 3 Ac9v3.0br, Ac9, Ac9 Firmware | 2024-09-26 | 9.8 Critical |
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg. | ||||
CVE-2023-44019 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function. | ||||
CVE-2023-44018 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function. | ||||
CVE-2023-44017 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | ||||
CVE-2023-44016 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
CVE-2023-44015 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function. | ||||
CVE-2023-44014 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters. | ||||
CVE-2023-44013 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-09-25 | 8.8 High |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function. | ||||
CVE-2023-44020 | 2 Tenda, Tendacn | 3 Ac10u, Ac10u, Ac10u Firmware | 2024-09-24 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | ||||
CVE-2023-44021 | 2 Tenda, Tendacn | 3 Ac10u, Ac10u, Ac10u Firmware | 2024-09-24 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function. | ||||
CVE-2023-44022 | 2 Tenda, Tendacn | 3 Ac10u, Ac10u, Ac10u Firmware | 2024-09-24 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. |