Vulnerabilities > Tenda > Ac23 Firmware > 16.03.07.45.cn

DATE CVE VULNERABILITY TITLE RISK
2023-08-25 CVE-2023-40797 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.
network
low complexity
tenda CWE-20
8.8
8.8
2023-08-25 CVE-2023-40798 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
network
low complexity
tenda CWE-20
8.8
8.8
2023-08-25 CVE-2023-40799 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-25 CVE-2023-40800 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
network
low complexity
tenda CWE-20
8.8
8.8
2023-08-25 CVE-2023-40802 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn
network
low complexity
tenda CWE-787
6.5
6.5
2023-05-11 CVE-2023-2649 Command Injection vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
A vulnerability was found in Tenda AC23 16.03.07.45_cn.
network
low complexity
tenda CWE-77
8.8
8.8
2022-11-03 CVE-2022-43101 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-11-03 CVE-2022-43102 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-11-03 CVE-2022-43103 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-11-03 CVE-2022-43104 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8