Total
13 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-14515 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors. | |||||
CVE-2017-14514 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL. | |||||
CVE-2023-27062 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2023-27064 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2022-45997 | 1 Tenda | 2 W15e, W20e Firmware | 2024-02-28 | N/A | 7.2 HIGH |
Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow. | |||||
CVE-2022-45996 | 1 Tenda | 2 W15e, W20e Firmware | 2024-02-28 | N/A | 7.2 HIGH |
Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output. | |||||
CVE-2023-27065 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2023-27063 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2023-27061 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2022-42060 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
CVE-2022-42058 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setRemoteWebManage function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
CVE-2022-41396 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.8 HIGH |
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters. | |||||
CVE-2022-41395 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.8 HIGH |
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function. |