Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe
Total 801 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37807 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState.
CVE-2022-36584 1 Tenda 2 G3, G3 Firmware 2024-02-28 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.
CVE-2022-43103 1 Tenda 2 Ac23, Ac23 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.
CVE-2022-42170 1 Tenda 2 Ac10, Ac10 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.
CVE-2022-40069 1 Tenda 2 Ac21, Ac21 Firmware 2024-02-28 N/A 7.5 HIGH
]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetSysTime.
CVE-2022-40105 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-43029 1 Tenda 2 Tx3, Tx3 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg.
CVE-2022-37808 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB.
CVE-2022-35201 1 Tenda 2 Ac18, Ac18 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
CVE-2022-40107 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40073 1 Tenda 2 Ac21, Ac21 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo.
CVE-2022-32030 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-02-28 7.8 HIGH 7.5 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
CVE-2022-40104 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40866 1 Tenda 2 W20e, W20e Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/
CVE-2022-38310 1 Tenda 2 Ac18, Ac18 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.
CVE-2022-41396 1 Tenda 2 W15e, W15e Firmware 2024-02-28 N/A 7.8 HIGH
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters.
CVE-2022-34595 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
CVE-2022-36587 1 Tenda 2 G3, G3 Firmware 2024-02-28 N/A 9.8 CRITICAL
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
CVE-2022-41482 1 Tenda 2 Ac6, Ac6v2.0 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2022-38313 1 Tenda 2 Ac18, Ac18 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo.