Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda
Angry Yack Logo
Total 1690 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49040 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-21 N/A 9.8 CRITICAL
An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function.
CVE-2023-48964 1 Tenda 2 I6, I6 Firmware 2024-11-21 N/A 7.5 HIGH
Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet.
CVE-2023-48963 1 Tenda 2 I6, I6 Firmware 2024-11-21 N/A 7.5 HIGH
Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget.
CVE-2023-48111 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-21 N/A 7.5 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVE-2023-48110 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-21 N/A 7.5 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVE-2023-48109 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-21 N/A 7.5 HIGH
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVE-2023-47456 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 N/A 9.1 CRITICAL
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
CVE-2023-47455 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 N/A 9.1 CRITICAL
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
CVE-2023-46370 1 Tenda 2 W18e, W18e Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function.
CVE-2023-46369 1 Tenda 2 W18e, W18e Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function.
CVE-2023-45484 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.
CVE-2023-45483 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.
CVE-2023-45482 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
CVE-2023-45480 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
CVE-2023-45479 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.
CVE-2023-43886 1 Tenda 2 Rx9 Pro, Rx9 Pro Firmware 2024-11-21 N/A 7.1 HIGH
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
CVE-2023-43885 1 Tenda 2 Rx9 Pro, Rx9 Pro Firmware 2024-11-21 N/A 8.1 HIGH
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
CVE-2023-42320 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.
CVE-2023-41563 1 Tenda 4 Ac5, Ac5 Firmware, Ac9 and 1 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo.
CVE-2023-41562 1 Tenda 6 Ac5, Ac5 Firmware, Ac7 and 3 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet.
CVE-2023-41561 1 Tenda 4 Ac5, Ac5 Firmware, Ac9 and 1 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.
CVE-2023-41560 1 Tenda 2 Ac9, Ac9 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.
CVE-2023-41559 1 Tenda 6 Ac5, Ac5 Firmware, Ac7 and 3 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.
CVE-2023-41558 1 Tenda 2 Ac7, Ac7 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeCfg.
CVE-2023-41557 1 Tenda 4 Ac5, Ac5 Firmware, Ac7 and 1 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter entrys and mitInterface at url /goform/addressNat.
CVE-2023-41556 1 Tenda 6 Ac5, Ac5 Firmware, Ac7 and 3 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind.
CVE-2023-41555 1 Tenda 2 Ac7, Ac7 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter security_5g at url /goform/WifiBasicSet.
CVE-2023-41554 1 Tenda 2 Ac9, Ac9 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.
CVE-2023-41553 1 Tenda 4 Ac5, Ac5 Firmware, Ac9 and 1 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg.
CVE-2023-41552 1 Tenda 4 Ac7, Ac7 Firmware, Ac9 and 1 more 2024-11-21 N/A 9.8 CRITICAL
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.
CVE-2023-40915 1 Tenda 2 Ax3, Ax3 Firmware 2024-11-21 N/A 7.5 HIGH
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.
CVE-2023-40904 1 Tenda 2 Ac10v4, Ac10v4 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg.
CVE-2023-40902 1 Tenda 2 Ac10v4, Ac10v4 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.
CVE-2023-40901 1 Tenda 2 Ac10v4, Ac10v4 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at url /goform/setMacFilterCfg.
CVE-2023-40848 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
CVE-2023-40847 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
CVE-2023-40846 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
CVE-2023-40845 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
CVE-2023-40844 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
CVE-2023-40843 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."