Vulnerabilities > Tenda
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-07 | CVE-2023-43885 | Missing Authorization vulnerability in Tenda RX9 PRO Firmware 22.03.02.10 Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | 8.1 |
2023-11-07 | CVE-2023-43886 | Out-of-bounds Write vulnerability in Tenda RX9 PRO Firmware 22.03.02.10 A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory. | 7.1 |
2023-10-25 | CVE-2023-46369 | Out-of-bounds Write vulnerability in Tenda W18E Firmware 16.01.0.8(1576) Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function. | 9.8 |
2023-10-25 | CVE-2023-46370 | Command Injection vulnerability in Tenda W18E Firmware 16.01.0.8(1576) Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function. | 9.8 |
2023-10-03 | CVE-2023-40830 | Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | 9.8 |
2023-09-18 | CVE-2023-42320 | Classic Buffer Overflow vulnerability in Tenda Ac10 Firmware 16.03.10.13 Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. | 9.8 |
2023-09-06 | CVE-2023-4498 | Improper Authentication vulnerability in Tenda N300 Firmware 53.0.1.6 Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only | 5.3 |
2023-09-05 | CVE-2021-40546 | Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26 Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | 4.9 |
2023-09-04 | CVE-2023-4744 | Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.06 A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. | 9.8 |
2023-08-30 | CVE-2023-40837 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. | 9.8 |