Vulnerabilities > Tenda > AC6 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-30 CVE-2023-40842 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40841 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40840 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40839 OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-08-30 CVE-2023-40838 OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-08-30 CVE-2023-40837 OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-08-28 CVE-2023-40846 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-18 CVE-2023-39670 Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-08-07 CVE-2023-38937 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38936 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8