| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. |
| A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257081 was assigned to this vulnerability. |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo. |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet. |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. |
| A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257780. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878. |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098. |
| Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. |
| Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. |
| Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. |
