Filtered by vendor Tenda
Subscriptions
Total
924 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41483 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-11-21 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41482 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-11-21 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41481 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-11-21 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41480 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2024-11-21 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41396 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | 7.8 High |
| Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters. | ||||
| CVE-2022-41395 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | 7.8 High |
| Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function. | ||||
| CVE-2022-40942 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time. | ||||
| CVE-2022-40876 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 9.8 Critical |
| In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE). | ||||
| CVE-2022-40875 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo. | ||||
| CVE-2022-40874 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request. | ||||
| CVE-2022-40868 | 1 Tenda | 2 W20e, W20e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/ | ||||
| CVE-2022-40867 | 1 Tenda | 2 W20e, W20e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/ | ||||
| CVE-2022-40866 | 1 Tenda | 2 W20e, W20e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/ | ||||
| CVE-2022-40861 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.2 High |
| Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/ | ||||
| CVE-2022-40855 | 1 Tenda | 2 W20e, W20e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. | ||||
| CVE-2022-40854 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set | ||||
| CVE-2022-40851 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. | ||||
| CVE-2022-40847 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2024-11-21 | 7.8 High |
| In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter. | ||||
| CVE-2022-40846 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2024-11-21 | 4.8 Medium |
| In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) vulnerability exists allowing an attacker to execute JavaScript code via the applications stored hostname. | ||||
| CVE-2022-40845 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2024-11-21 | 6.5 Medium |
| The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have. | ||||