Vulnerabilities > Tenda > Ax1806 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-26 CVE-2024-44563 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-07-15 CVE-2024-40416 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-07-15 CVE-2024-40415 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-07-15 CVE-2024-40414 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-07 CVE-2023-47456 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
network
low complexity
tenda CWE-787
critical
 9.1
9.1
2023-11-07 CVE-2023-47455 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
network
low complexity
tenda CWE-787
critical
 9.1
9.1
2022-07-06 CVE-2022-34597 OS Command Injection vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-07-01 CVE-2022-32032 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
network
low complexity
tenda CWE-787
critical
 9.8
9.8