Search
Search Results (16 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0995 | 1 Tenda | 2 W6, W6 Firmware | 2025-06-02 | 7.2 High |
| A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been rated as critical. Affected by this issue is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252260. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-28221 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-05-08 | 7.5 High |
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request. | ||||
| CVE-2025-28220 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-05-06 | 7.5 High |
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request. | ||||
| CVE-2022-45504 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | ||||
| CVE-2022-45503 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing. | ||||
| CVE-2022-45501 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset. | ||||
| CVE-2022-45499 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet. | ||||
| CVE-2022-45498 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | ||||
| CVE-2022-45497 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 9.8 Critical |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand. | ||||
| CVE-2024-0994 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 7.2 High |
| A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been declared as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252259. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2022-35561 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 7.5 High |
| A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. | ||||
| CVE-2022-35560 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 7.5 High |
| A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. | ||||
| CVE-2022-35559 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 9.8 Critical |
| A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution. | ||||
| CVE-2022-35558 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 7.5 High |
| A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. | ||||
| CVE-2022-35557 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 7.5 High |
| A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. | ||||
| CVE-2022-35555 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | 9.8 Critical |
| A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution. | ||||
Page 1 of 1.