Filtered by vendor Tendacn
Subscriptions
Total
144 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-24171 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-08-03 | 9.8 Critical |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters. | ||||
CVE-2022-24165 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-08-03 | 9.8 Critical |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter. | ||||
CVE-2022-24167 | 1 Tendacn | 4 G1, G1 Firmware, G3 and 1 more | 2024-08-03 | 9.8 Critical |
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows attackers to execute arbitrary commands via the dmzHost1 parameter. | ||||
CVE-2024-41473 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 8 High |
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac | ||||
CVE-2024-41468 | 2 Tenda, Tendacn | 3 Fh1201, Fh1201, Fh1201 Firmware | 2024-08-02 | 9.8 Critical |
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | ||||
CVE-2023-44022 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | ||||
CVE-2023-44017 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | ||||
CVE-2023-44018 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function. | ||||
CVE-2023-44020 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | ||||
CVE-2023-44016 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
CVE-2023-44013 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function. | ||||
CVE-2023-44019 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function. | ||||
CVE-2023-44021 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function. | ||||
CVE-2023-44014 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters. | ||||
CVE-2023-44023 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||||
CVE-2023-44015 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function. | ||||
CVE-2023-40942 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg. | ||||
CVE-2023-37144 | 2 Tenda, Tendacn | 2 Ac10, Ac10 Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | ||||
CVE-2024-2764 | 1 Tendacn | 1 Ac10u Firmware | 2024-08-02 | 8.8 High |
A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.48. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument endIP leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257601 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-41461 | 2 Tenda, Tendacn | 3 Fh1201, Fh1201, Fh1201 Firmware | 2024-08-02 | 9.8 Critical |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. |