Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2023-51963 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-10 CVE-2023-51964 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-10 CVE-2023-51965 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-10 CVE-2023-51961 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-10 CVE-2023-51966 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-10 CVE-2023-51971 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-10 CVE-2023-51972 Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2024-01-09 CVE-2023-50585 Out-of-bounds Write vulnerability in Tenda A18 Firmware 15.13.07.09
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-04 CVE-2023-51812 Unspecified vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList.
network
low complexity
tenda
critical
 9.8
9.8
2023-12-26 CVE-2023-51090 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.
network
low complexity
tenda CWE-787
critical
 9.8
9.8