Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-30 CVE-2023-40842 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40843 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40844 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40845 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40847 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40848 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41552 Out-of-bounds Write vulnerability in Tenda AC7 Firmware and AC9 Firmware
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41553 Out-of-bounds Write vulnerability in Tenda AC5 Firmware and AC9 Firmware
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41554 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 5.03.06.42Multi
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41555 Out-of-bounds Write vulnerability in Tenda AC7 Firmware 15.03.06.44
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter security_5g at url /goform/WifiBasicSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8