Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe
Filtered by product I9 Firmware
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-0996 1 Tenda 2 I9, I9 Firmware 2024-05-17 8.3 HIGH 9.8 CRITICAL
A vulnerability classified as critical has been found in Tenda i9 1.0.0.9(4122). This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252261 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2022-40106 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40100 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 9.8 CRITICAL
Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function.
CVE-2022-40101 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40105 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40107 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40104 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40102 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40103 1 Tenda 2 I9, I9 Firmware 2024-02-28 N/A 5.5 MEDIUM
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.