Vulnerabilities > Tenda > M3 Firmware > 1.0.0.12.4856

DATE CVE VULNERABILITY TITLE RISK
2022-08-28 CVE-2022-38566 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-28 CVE-2022-38567 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-28 CVE-2022-38568 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-28 CVE-2022-38569 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-28 CVE-2022-38570 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-28 CVE-2022-38571 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem.
network
low complexity
tenda CWE-787
7.5
7.5
2022-03-24 CVE-2022-26289 OS Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/exeCommand.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-03-24 CVE-2022-26290 OS Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-03-24 CVE-2022-26536 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setFixTools.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27076 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/delAd.
network
low complexity
tenda CWE-77
critical
 9.8
9.8