Filtered by vendor Tenda
Subscriptions
Total
870 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27082 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo. | ||||
| CVE-2022-27080 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setWorkmode. | ||||
| CVE-2022-27076 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/delAd. | ||||
| CVE-2022-27016 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-08-03 | 9.8 Critical |
| There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn. | ||||
| CVE-2022-27022 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-08-03 | 9.8 Critical |
| There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload. | ||||
| CVE-2022-27081 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo. | ||||
| CVE-2022-26536 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setFixTools. | ||||
| CVE-2022-26290 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac. | ||||
| CVE-2022-26289 | 1 Tenda | 2 M3, M3 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/exeCommand. | ||||
| CVE-2022-26278 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. | ||||
| CVE-2022-25561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | ||||
| CVE-2022-25428 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. | ||||
| CVE-2022-25552 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter. | ||||
| CVE-2022-25457 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. | ||||
| CVE-2022-25566 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | ||||
| CVE-2022-25417 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-08-03 | 9.8 Critical |
| Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo. | ||||
| CVE-2022-25558 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter. | ||||
| CVE-2022-25556 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | ||||
| CVE-2022-25551 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter. | ||||
| CVE-2022-25549 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-03 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter. | ||||