Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-29 CVE-2023-45483 Out-of-bounds Write vulnerability in Tenda Ac10 Firmware 16.03.10.13
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-29 CVE-2023-45484 Out-of-bounds Write vulnerability in Tenda Ac10 Firmware 16.03.10.13
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-27 CVE-2023-49044 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-27 CVE-2023-49040 Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.1
An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-11-27 CVE-2023-49042 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-27 CVE-2023-49043 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-27 CVE-2023-49046 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-20 CVE-2023-38823 Classic Buffer Overflow vulnerability in Tenda products
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-11-07 CVE-2023-47455 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
network
low complexity
tenda CWE-787
critical
 9.1
9.1
2023-11-07 CVE-2023-47456 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
network
low complexity
tenda CWE-787
critical
 9.1
9.1