Filtered by vendor Tenda
Subscriptions
Total
870 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29591 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-08-03 | 9.8 Critical |
| Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. | ||||
| CVE-2022-29592 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-08-03 | 9.8 Critical |
| Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route). | ||||
| CVE-2022-28971 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28970 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28969 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28973 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28972 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28917 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp. | ||||
| CVE-2022-28572 | 1 Tenda | 4 Ax1803, Ax1803 Firmware, Ax1806 and 1 more | 2024-08-03 | 8.8 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function | ||||
| CVE-2022-28561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 9.8 Critical |
| There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | ||||
| CVE-2022-28557 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-08-03 | 9.8 Critical |
| There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution | ||||
| CVE-2022-28560 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-08-03 | 9.8 Critical |
| There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | ||||
| CVE-2022-28556 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-08-03 | 7.5 High |
| Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971 | ||||
| CVE-2022-28082 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList. | ||||
| CVE-2022-27375 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 6.5 Medium |
| Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet. | ||||
| CVE-2022-27374 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 6.5 Medium |
| Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot. | ||||
| CVE-2022-27079 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setPicListItem. | ||||
| CVE-2022-27083 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic. | ||||
| CVE-2022-27077 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadWeiXinPic. | ||||
| CVE-2022-27078 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail. | ||||