Vulnerabilities > Tenda > AX3 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-01-04 CVE-2023-51812 Unspecified vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList.
network
low complexity
tenda
critical
 9.8
9.8
2023-12-07 CVE-2023-49408 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-49409 Unspecified vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
network
low complexity
tenda
critical
 9.8
9.8
2023-08-25 CVE-2023-40915 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set.
network
low complexity
tenda CWE-787
7.5
7.5
2023-03-15 CVE-2023-27239 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-03-15 CVE-2023-27240 Command Injection vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-02-23 CVE-2023-24212 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-10 CVE-2022-24995 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.10Cn
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime.
network
low complexity
tenda CWE-787
7.5
7.5
2022-03-04 CVE-2021-46394 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.10
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN.
network
low complexity
tenda CWE-787
7.5
7.5
2022-03-04 CVE-2021-46393 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.10
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN.
network
low complexity
tenda CWE-787
7.5
7.5