Filtered by vendor Tenda
Subscribe
Total
801 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-40843 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2024-02-28 | N/A | 4.9 MEDIUM |
The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account. | |||||
CVE-2022-37821 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-28 | N/A | 7.8 HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince. | |||||
CVE-2022-32031 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic. | |||||
CVE-2022-40075 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set. | |||||
CVE-2022-40867 | 1 Tenda | 2 W20e, W20e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/ | |||||
CVE-2022-37824 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-28 | N/A | 7.8 HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. | |||||
CVE-2022-38831 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList | |||||
CVE-2022-37809 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan. | |||||
CVE-2022-42080 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. | |||||
CVE-2022-37820 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-28 | N/A | 7.8 HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS. | |||||
CVE-2022-38566 | 1 Tenda | 2 M3, M3 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter. | |||||
CVE-2022-36571 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-02-28 | N/A | 7.2 HIGH |
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting. | |||||
CVE-2022-37801 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. | |||||
CVE-2022-37823 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-28 | N/A | 7.8 HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer. | |||||
CVE-2022-42163 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromNatStaticSetting. | |||||
CVE-2022-40875 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo. | |||||
CVE-2022-40868 | 1 Tenda | 2 W20e, W20e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/ | |||||
CVE-2022-38567 | 1 Tenda | 2 M3, M3 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter. | |||||
CVE-2022-38568 | 1 Tenda | 2 M3, M3 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter. | |||||
CVE-2022-35559 | 1 Tenda | 2 W6, W6 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution. |