Vulnerabilities > Tenda > Ac23 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-25 | CVE-2023-40797 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
| 2023-08-25 | CVE-2023-40798 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
| 2023-08-25 | CVE-2023-40799 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. | 9.8 |
| 2023-08-25 | CVE-2023-40800 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | 8.8 |
| 2023-08-25 | CVE-2023-40802 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | 6.5 |
| 2023-05-11 | CVE-2023-2649 | Command Injection vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn A vulnerability was found in Tenda AC23 16.03.07.45_cn. | 8.8 |
| 2023-02-11 | CVE-2023-0782 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45 A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. | 9.8 |
| 2022-11-03 | CVE-2022-43101 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | 9.8 |
| 2022-11-03 | CVE-2022-43102 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | 9.8 |
| 2022-11-03 | CVE-2022-43103 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function. | 9.8 |