Filtered by vendor Tenda Subscriptions
Filtered by product I22 Firmware Subscriptions
Total 15 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-10750 1 Tenda 2 I22, I22 Firmware 2024-11-07 6.5 Medium
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-7585 1 Tenda 2 I22, I22 Firmware 2024-09-11 8.8 High
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-7584 1 Tenda 2 I22, I22 Firmware 2024-09-11 8.8 High
A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-7582 1 Tenda 2 I22, I22 Firmware 2024-08-08 8.8 High
A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-7583 1 Tenda 2 I22, I22 Firmware 2024-08-08 8.8 High
A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2022-45666 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.
CVE-2022-45665 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.
CVE-2022-45670 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.
CVE-2022-45671 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.
CVE-2022-45672 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.
CVE-2022-45669 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.
CVE-2022-45667 1 Tenda 2 I22, I22 Firmware 2024-08-03 6.5 Medium
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
CVE-2022-45664 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.
CVE-2022-45668 1 Tenda 2 I22, I22 Firmware 2024-08-03 6.5 Medium
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-45663 1 Tenda 2 I22, I22 Firmware 2024-08-03 7.5 High
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.