Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-26 CVE-2023-51099 OS Command Injection vulnerability in Tenda W9 Firmware 1.0.0.7(4456)Cn
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand .
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-12-26 CVE-2023-51100 OS Command Injection vulnerability in Tenda W9 Firmware 1.0.0.7(4456)Cn
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo .
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-12-26 CVE-2023-51101 Out-of-bounds Write vulnerability in Tenda W9 Firmware 1.0.0.7(4456)Cn
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51102 Out-of-bounds Write vulnerability in Tenda W9 Firmware 1.0.0.7(4456)Cn
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formWifiMacFilterSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-26 CVE-2023-51095 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-20 CVE-2023-50983 Command Injection vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-12-20 CVE-2023-50984 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-20 CVE-2023-50985 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-20 CVE-2023-50986 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-20 CVE-2023-50987 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8