Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2023-51972 Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2024-01-09 CVE-2023-50585 Out-of-bounds Write vulnerability in Tenda A18 Firmware 15.13.07.09
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2024-01-04 CVE-2023-51812 Unspecified vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList.
network
low complexity
tenda
critical
 9.8
9.8
2023-12-26 CVE-2023-51090 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51091 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51092 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51093 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51094 OS Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-12-26 CVE-2023-51097 Out-of-bounds Write vulnerability in Tenda W9 Firmware 1.0.0.7(4456)Cn
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51098 OS Command Injection vulnerability in Tenda W9 Firmware 1.0.0.7(4456)Cn
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo .
network
low complexity
tenda CWE-78
critical
 9.8
9.8