Vulnerabilities > Tenda > F1203 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-38940 Out-of-bounds Write vulnerability in Tenda F1203 Firmware, Fh1203 Firmware and Fh1205 Firmware
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38936 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38934 Out-of-bounds Write vulnerability in Tenda F1203 Firmware, Fh1203 Firmware and Fh1205 Firmware
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38933 Out-of-bounds Write vulnerability in Tenda products
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38931 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38930 Out-of-bounds Write vulnerability in Tenda products
Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-12-20 CVE-2022-46538 OS Command Injection vulnerability in Tenda F1203 Firmware 2.0.1.6
Tenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac parameter at /goform/WriteFacMac.
network
low complexity
tenda CWE-78
critical
 9.8
9.8