Vulnerabilities > Tenda
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-11 | CVE-2023-2649 | Unspecified vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn A vulnerability was found in Tenda AC23 16.03.07.45_cn. | 8.8 |
2023-05-10 | CVE-2023-30351 | Inadequate Encryption Strength vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. | 7.5 |
2023-05-10 | CVE-2023-30352 | Use of Hard-coded Credentials vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. | 9.8 |
2023-05-10 | CVE-2023-30353 | Command Injection vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. | 9.8 |
2023-05-10 | CVE-2023-30354 | Cleartext Transmission of Sensitive Information vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access. | 9.8 |
2023-05-10 | CVE-2023-30356 | Improper Validation of Integrity Check Value vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware | 7.5 |
2023-05-05 | CVE-2023-30135 | Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)Cn Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function. | 9.8 |
2023-05-01 | CVE-2023-29680 | Cleartext Transmission of Sensitive Information vulnerability in Tenda N301 Firmware 12.03.01.06Pt Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | 5.7 |
2023-05-01 | CVE-2023-29681 | Cleartext Transmission of Sensitive Information vulnerability in Tenda N301 Firmware 12.02.01.61Multi Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | 5.7 |
2023-04-24 | CVE-2023-30370 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19 In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | 9.8 |