Vulnerabilities > Tenda > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-27 | CVE-2023-49043 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat. | 9.8 |
2023-11-27 | CVE-2023-49046 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule. | 9.8 |
2023-11-20 | CVE-2023-38823 | Classic Buffer Overflow vulnerability in Tenda products Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | 9.8 |
2023-11-07 | CVE-2023-47455 | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size. | 9.1 |
2023-11-07 | CVE-2023-47456 | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat. | 9.1 |
2023-10-25 | CVE-2023-46369 | Out-of-bounds Write vulnerability in Tenda W18E Firmware 16.01.0.8(1576) Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function. | 9.8 |
2023-10-25 | CVE-2023-46370 | Command Injection vulnerability in Tenda W18E Firmware 16.01.0.8(1576) Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function. | 9.8 |
2023-10-03 | CVE-2023-40830 | Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | 9.8 |
2023-09-18 | CVE-2023-42320 | Classic Buffer Overflow vulnerability in Tenda Ac10 Firmware 16.03.10.13 Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. | 9.8 |
2023-09-04 | CVE-2023-4744 | Out-of-bounds Write vulnerability in Tenda AC8 Firmware 16.03.34.06 A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. | 9.8 |