Vulnerabilities > Tenda

DATE CVE VULNERABILITY TITLE RISK
2022-05-11 CVE-2022-30040 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.12890
Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow.
network
low complexity
tenda CWE-787
5.0
2022-05-10 CVE-2022-29591 Classic Buffer Overflow vulnerability in Tenda TX9 PRO Firmware 22.03.02.10
Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow.
network
low complexity
tenda CWE-120
critical
10.0
2022-05-06 CVE-2022-28969 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
network
low complexity
tenda CWE-787
7.8
2022-05-06 CVE-2022-28970 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo.
network
low complexity
tenda CWE-787
7.8
2022-05-06 CVE-2022-28971 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind.
network
low complexity
tenda CWE-787
7.8
2022-05-06 CVE-2022-28972 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set.
network
low complexity
tenda CWE-787
7.8
2022-05-06 CVE-2022-28973 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan.
network
low complexity
tenda CWE-787
7.8
2022-05-05 CVE-2022-29592 OS Command Injection vulnerability in Tenda TX9 PRO Firmware 22.03.02.10
Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).
network
low complexity
tenda CWE-78
critical
10.0
2022-05-04 CVE-2022-28556 Allocation of Resources Without Limits or Throttling vulnerability in Tenda Ac15 Firmware 15.03.05.20Multitde01
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow.
network
low complexity
tenda CWE-770
5.0
2022-05-04 CVE-2022-28557 Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.20Multitde01
There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution
network
low complexity
tenda CWE-77
7.5