Filtered by vendor Tendacn
Subscriptions
Total
144 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-5768 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2024-08-05 | N/A |
A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header. | ||||
CVE-2019-19505 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2024-08-05 | 8.8 High |
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. | ||||
CVE-2019-19506 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2024-08-05 | 7.5 High |
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot. | ||||
CVE-2019-16412 | 1 Tendacn | 2 N301, N301 Firmware | 2024-08-05 | 7.5 High |
In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) | ||||
CVE-2019-16213 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2024-08-05 | 8.8 High |
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges. | ||||
CVE-2019-5072 | 1 Tendacn | 2 Ac1200 Smart Dual-band Gigabit Wifi, Ac9v1.0 Firmware | 2024-08-04 | 7.8 High |
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | ||||
CVE-2019-5071 | 1 Tendacn | 2 Ac1200 Smart Dual-band Gigabit Wifi, Ac9v1.0 Firmware | 2024-08-04 | 7.8 High |
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability. | ||||
CVE-2020-28093 | 1 Tendacn | 2 Ac1200, Ac1200 Firmware | 2024-08-04 | 7.2 High |
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234. | ||||
CVE-2020-28094 | 1 Tendacn | 2 Ac1200, Ac1200 Firmware | 2024-08-04 | 7.5 High |
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning. | ||||
CVE-2020-24987 | 1 Tendacn | 2 Ac18, Ac18 Firmware | 2024-08-04 | 9.8 Critical |
Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface is set to "radius". | ||||
CVE-2020-22079 | 1 Tendacn | 4 Ac10u, Ac10u Firmware, Ac9 and 1 more | 2024-08-04 | 9.8 Critical |
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg. | ||||
CVE-2020-20746 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-08-04 | 7.2 High |
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | ||||
CVE-2020-13392 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
CVE-2020-13390 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
CVE-2020-13393 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
CVE-2020-13391 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
CVE-2020-13389 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
CVE-2020-13394 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
CVE-2021-45990 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-08-04 | 9.8 Critical |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name parameter. | ||||
CVE-2021-45992 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-08-04 | 7.5 High |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qvlanName parameter. |