Filtered by vendor Tenda
Subscriptions
Total
914 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-42954 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42973 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSetlpBind function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42974 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42979 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ProtForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42983 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42984 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42985 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42976 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42955 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42946 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42982 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | 5.3 Medium |
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42952 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | 7.5 High |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42944 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-15 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-2854 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-08-12 | 6.3 Medium |
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-2808 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-08-12 | 8.8 High |
A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257663. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-2810 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-08-12 | 8.8 High |
A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257665 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-7582 | 1 Tenda | 2 I22, I22 Firmware | 2024-08-08 | 8.8 High |
A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-7583 | 1 Tenda | 2 I22, I22 Firmware | 2024-08-08 | 8.8 High |
A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-2814 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-08-08 | 8.8 High |
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257669 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-40414 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-07 | 9.6 Critical |
A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. |