Vulnerabilities > Tenda > AC6 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-20 CVE-2023-38823 Classic Buffer Overflow vulnerability in Tenda products
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-10-03 CVE-2023-40830 Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.19
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-08-30 CVE-2023-40848 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40847 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40845 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40844 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40843 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40842 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40841 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40840 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
network
low complexity
tenda CWE-787
critical
 9.8
9.8