Filtered by vendor Tenda
Subscribe
Total
1690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36584 | 1 Tenda | 2 G3, G3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.
|
|||||
| CVE-2022-36571 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 7.2 HIGH |
|
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
|
|||||
| CVE-2022-36570 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 7.2 HIGH |
|
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
|
|||||
| CVE-2022-36569 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
|
|||||
| CVE-2022-36568 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
|
|||||
| CVE-2022-36273 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
|
|||||
| CVE-2022-35561 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
|
|||||
| CVE-2022-35560 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
|
|||||
| CVE-2022-35559 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution.
|
|||||
| CVE-2022-35558 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
|
|||||
| CVE-2022-35557 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
|
|||||
| CVE-2022-35555 | 1 Tenda | 2 W6, W6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.
|
|||||
| CVE-2022-35201 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
|
|||||
| CVE-2022-34597 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
|
|||||
| CVE-2022-34596 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
|
|||||
| CVE-2022-34595 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
|
|||||
| CVE-2022-32054 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.
|
|||||
| CVE-2022-32043 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo.
|
|||||
| CVE-2022-32041 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData.
|
|||||
| CVE-2022-32040 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm.
|
|||||
| CVE-2022-32039 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient.
|
|||||
| CVE-2022-32037 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
|
|||||
| CVE-2022-32036 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
|
|||||
| CVE-2022-32035 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
|
|||||
| CVE-2022-32034 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
|
|||||
| CVE-2022-32033 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
|
|||||
| CVE-2022-32032 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
|
|||||
| CVE-2022-32031 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
|
|||||
| CVE-2022-32030 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
|
|||||
| CVE-2022-30477 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.
|
|||||
| CVE-2022-30476 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.
|
|||||
| CVE-2022-30475 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request.
|
|||||
| CVE-2022-30474 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.
|
|||||
| CVE-2022-30473 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set
|
|||||
| CVE-2022-30472 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
|
|||||
| CVE-2022-30425 | 1 Tenda | 2 Hg6, Hg6 Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request.
|
|||||
| CVE-2022-30040 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service.
|
|||||
| CVE-2022-30033 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module.
|
|||||
| CVE-2022-30023 | 1 Tenda | 2 Hg9, Hg9 Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
|
|||||
| CVE-2022-29592 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).
|
|||||