Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe
Total 800 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25414 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR.
CVE-2022-24995 1 Tenda 2 Ax3, Ax3 Firmware 2024-02-28 7.5 HIGH 9.8 CRITICAL
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
CVE-2022-27081 1 Tenda 2 M3, M3 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo.
CVE-2022-30023 1 Tenda 2 Hg9, Hg9 Firmware 2024-02-28 9.0 HIGH 8.8 HIGH
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
CVE-2022-25445 1 Tenda 2 Ac6, Ac6 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
CVE-2022-25438 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
CVE-2022-25556 1 Tenda 2 Ax12, Ax12 Firmware 2024-02-28 7.8 HIGH 7.5 HIGH
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
CVE-2022-25456 1 Tenda 2 Ac6, Ac6 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function.
CVE-2022-28969 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-02-28 7.8 HIGH 7.5 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).
CVE-2022-25448 1 Tenda 2 Ac6, Ac6 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function.
CVE-2022-25418 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.
CVE-2022-27082 1 Tenda 2 M3, M3 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo.
CVE-2022-25440 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
CVE-2022-25417 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.
CVE-2022-25427 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
CVE-2022-30425 1 Tenda 2 Hg6, Hg6 Firmware 2024-02-28 9.0 HIGH 8.8 HIGH
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request.
CVE-2022-25460 1 Tenda 2 Ac6, Ac6 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function.
CVE-2022-25458 1 Tenda 2 Ac6, Ac6 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function.
CVE-2022-25439 1 Tenda 2 Ac9, Ac9 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
CVE-2022-27078 1 Tenda 2 M3, M3 Firmware 2024-02-28 10.0 HIGH 9.8 CRITICAL
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail.