Filtered by vendor Tendacn
Subscriptions
Total
144 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-41465 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 7.5 High |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm. | ||||
CVE-2024-41459 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 8.8 High |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex. | ||||
CVE-2024-41464 | 2 Tenda, Tendacn | 3 Fh1201, Fh1201, Fh1201 Firmware | 2024-08-02 | 9.8 Critical |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic | ||||
CVE-2024-41463 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 4.3 Medium |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat. | ||||
CVE-2024-41462 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 4.3 Medium |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient. | ||||
CVE-2024-41466 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 7.5 High |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting. | ||||
CVE-2024-41460 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-02 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. | ||||
CVE-2024-40515 | 1 Tendacn | 1 Ax2 Pro | 2024-08-02 | 9.8 Critical |
An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote attacker to execute arbitrary code via the Routing functionality. | ||||
CVE-2024-35338 | 1 Tendacn | 2 I29, I29 Firmware | 2024-08-02 | 9.8 Critical |
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. | ||||
CVE-2024-33365 | 1 Tendacn | 1 Ac10 Firmware | 2024-08-02 | 7.5 High |
Buffer Overflow vulnerability in Tenda AC10 v4 US_AC10V4.0si_V16.03.10.20_cn allows a remote attacker to execute arbitrary code via the Virtual_Data_Check function in the bin/httpd component. | ||||
CVE-2024-33181 | 1 Tendacn | 1 Ac18 Firmware | 2024-08-02 | 8.8 High |
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter. | ||||
CVE-2024-33180 | 2 Tenda, Tendacn | 3 Ac18, Ac18, Ac18 Firmware | 2024-08-02 | 9.8 Critical |
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo. | ||||
CVE-2024-33182 | 1 Tendacn | 2 Ac18, Ac18 Firmware | 2024-08-02 | 8.3 High |
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter. | ||||
CVE-2024-24488 | 1 Tendacn | 2 Cp3, Cp3 Firmware | 2024-08-01 | 5.5 Medium |
An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. | ||||
CVE-2024-0925 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-01 | 4.7 Medium |
A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252130 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-0923 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-01 | 4.7 Medium |
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252128. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-0926 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-01 | 4.7 Medium |
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252131. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-0932 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-01 | 4.7 Medium |
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252137 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-0927 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-01 | 4.7 Medium |
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252132. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2024-0922 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-08-01 | 4.7 Medium |
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252127. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |