Vulnerabilities > Tenda
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-27 | CVE-2023-49047 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName. | 7.5 |
2023-11-27 | CVE-2023-49043 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat. | 9.8 |
2023-11-27 | CVE-2023-49046 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule. | 9.8 |
2023-11-20 | CVE-2023-38823 | Classic Buffer Overflow vulnerability in Tenda products Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | 9.8 |
2023-11-20 | CVE-2023-48109 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . | 7.5 |
2023-11-20 | CVE-2023-48110 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . | 7.5 |
2023-11-20 | CVE-2023-48111 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . | 7.5 |
2023-11-14 | CVE-2022-45781 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1/1.0.0.12890/1.0.0.12994 Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName. | 8.8 |
2023-11-07 | CVE-2023-47455 | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size. | 9.1 |
2023-11-07 | CVE-2023-47456 | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat. | 9.1 |