Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27707 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit. | |||||
CVE-2021-27705 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit. | |||||
CVE-2021-27706 | 1 Tenda | 4 G1, G1 Firmware, G3 and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit. |