Vulnerabilities > Tenda

DATE CVE VULNERABILITY TITLE RISK
2022-12-08 CVE-2022-44932 Unspecified vulnerability in Tenda A18 Firmware 15.13.07.09
An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.
network
low complexity
tenda
7.5
7.5
2022-12-08 CVE-2022-45497 OS Command Injection vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-12-08 CVE-2022-45498 Unspecified vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device.
network
low complexity
tenda
7.5
7.5
2022-12-08 CVE-2022-45499 Out-of-bounds Write vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-08 CVE-2022-45501 Out-of-bounds Write vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-08 CVE-2022-45503 Out-of-bounds Write vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-08 CVE-2022-45504 Unspecified vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device.
network
low complexity
tenda
7.5
7.5
2022-12-08 CVE-2022-45505 Out-of-bounds Write vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-08 CVE-2022-45506 OS Command Injection vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-12-08 CVE-2022-45507 Out-of-bounds Write vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName.
network
low complexity
tenda CWE-787
7.5
7.5