Vulnerabilities > Tenda

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2022-37822 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.
local
low complexity
tenda CWE-787
7.8
7.8
2022-08-25 CVE-2022-37823 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.
local
low complexity
tenda CWE-787
7.8
7.8
2022-08-25 CVE-2022-37824 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
local
low complexity
tenda CWE-787
7.8
7.8
2022-08-19 CVE-2022-37175 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.18
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-08-19 CVE-2022-35201 Unspecified vulnerability in Tenda Ac18 Firmware 15.03.05.05
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
network
low complexity
tenda
critical
 9.8
9.8
2022-08-16 CVE-2022-36273 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-08-12 CVE-2022-35555 OS Command Injection vulnerability in Tenda W6 Firmware 1.0.0.9(4122)
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-08-12 CVE-2022-35557 Out-of-bounds Write vulnerability in Tenda W6 Firmware 1.0.0.9(4122)
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-12 CVE-2022-35558 Out-of-bounds Write vulnerability in Tenda W6 Firmware 1.0.0.9(4122)
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
network
low complexity
tenda CWE-787
7.5
7.5
2022-08-12 CVE-2022-35559 Out-of-bounds Write vulnerability in Tenda W6 Firmware 1.0.0.9(4122)
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack.
network
low complexity
tenda CWE-787
critical
 9.8
9.8