Vulnerabilities > Tenda > Ac1206 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-12 | CVE-2022-42077 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
| 2022-10-12 | CVE-2022-42078 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | 6.5 |
| 2022-10-12 | CVE-2022-42079 | Out-of-bounds Write vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet. | 7.5 |
| 2022-10-12 | CVE-2022-42080 | Out-of-bounds Write vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. | 7.5 |
| 2022-10-12 | CVE-2022-42081 | Out-of-bounds Write vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via sched_end_time parameter. | 7.5 |
| 2022-08-25 | CVE-2022-37810 | OS Command Injection vulnerability in Tenda Ac1206 Firmware 15.03.06.23 Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | 9.8 |