Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe
Total 801 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40843 1 Tenda 2 Ac1200 V-w15ev2, W15e Firmware 2024-02-28 N/A 4.9 MEDIUM
The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account.
CVE-2022-37821 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince.
CVE-2022-32031 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-02-28 7.8 HIGH 7.5 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
CVE-2022-40075 1 Tenda 2 Ac21, Ac21 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set.
CVE-2022-40867 1 Tenda 2 W20e, W20e Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/
CVE-2022-37824 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
CVE-2022-38831 1 Tenda 2 Rx9 Pro, Rx9 Pro Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList
CVE-2022-37809 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan.
CVE-2022-42080 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter.
CVE-2022-37820 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.
CVE-2022-38566 1 Tenda 2 M3, M3 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter.
CVE-2022-36571 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 N/A 7.2 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
CVE-2022-37801 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
CVE-2022-37823 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 N/A 7.8 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.
CVE-2022-42163 1 Tenda 2 Ac10, Ac10 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromNatStaticSetting.
CVE-2022-40875 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.
CVE-2022-40868 1 Tenda 2 W20e, W20e Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/
CVE-2022-38567 1 Tenda 2 M3, M3 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter.
CVE-2022-38568 1 Tenda 2 M3, M3 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter.
CVE-2022-35559 1 Tenda 2 W6, W6 Firmware 2024-02-28 N/A 9.8 CRITICAL
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution.