Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-30352 Use of Hard-coded Credentials vulnerability in Tenda CP3 Firmware 11.10.00.2211041355
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed.
network
low complexity
tenda CWE-798
critical
 9.8
9.8
2023-05-10 CVE-2023-30353 Command Injection vulnerability in Tenda CP3 Firmware 11.10.00.2211041355
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-05-10 CVE-2023-30354 Cleartext Transmission of Sensitive Information vulnerability in Tenda CP3 Firmware 11.10.00.2211041355
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access.
network
low complexity
tenda CWE-319
critical
 9.8
9.8
2023-05-05 CVE-2023-30135 Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)Cn
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2023-04-24 CVE-2023-30370 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-24 CVE-2023-30371 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-24 CVE-2023-30372 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-24 CVE-2023-30373 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-24 CVE-2023-30375 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-24 CVE-2023-30376 Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.
network
low complexity
tenda CWE-787
critical
 9.8
9.8