Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-20 CVE-2023-50988 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-20 CVE-2023-50989 Command Injection vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-12-20 CVE-2023-50990 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-20 CVE-2023-50992 Out-of-bounds Write vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-49404 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-49405 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-49406 Unspecified vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
network
low complexity
tenda
critical
 9.8
9.8
2023-12-07 CVE-2023-49408 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-49409 Unspecified vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
network
low complexity
tenda
critical
 9.8
9.8
2023-12-07 CVE-2023-49411 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode.
network
low complexity
tenda CWE-787
critical
 9.8
9.8