Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe
Total 804 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38569 1 Tenda 2 M3, M3 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd.
CVE-2022-38570 1 Tenda 2 M3, M3 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter.
CVE-2022-40072 1 Tenda 2 Ac21, Ac21 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement.
CVE-2022-40861 1 Tenda 2 Ac18, Ac18 Firmware 2024-02-28 N/A 7.2 HIGH
Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/
CVE-2022-40851 1 Tenda 2 Ac15, Ac15 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.
CVE-2022-34596 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-02-28 7.5 HIGH 9.8 CRITICAL
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-40845 1 Tenda 2 Ac1200 V-w15ev2, W15e Firmware 2024-02-28 N/A 6.5 MEDIUM
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have.
CVE-2022-37800 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic.
CVE-2022-43106 1 Tenda 2 Ac23, Ac23 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.
CVE-2022-42077 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 6.5 MEDIUM
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-42078 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 6.5 MEDIUM
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
CVE-2022-41395 1 Tenda 2 W15e, W15e Firmware 2024-02-28 N/A 7.8 HIGH
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function.
CVE-2022-35557 1 Tenda 2 W6, W6 Firmware 2024-02-28 N/A 7.5 HIGH
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
CVE-2022-37814 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter.
CVE-2022-43102 1 Tenda 2 Ac23, Ac23 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
CVE-2022-40074 1 Tenda 2 Ac21, Ac21 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi.
CVE-2022-42164 1 Tenda 2 Ac10, Ac10 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState.
CVE-2022-43024 1 Tenda 2 Tx3, Tx3 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
CVE-2022-40102 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-32033 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-02-28 7.8 HIGH 7.5 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.