Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-08 CVE-2022-45497 OS Command Injection vulnerability in Tenda W6-S Firmware 1.0.0.4(510)
Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand.
network
low complexity
tenda CWE-78
critical
9.8
2022-12-08 CVE-2022-45506 OS Command Injection vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName.
network
low complexity
tenda CWE-78
critical
9.8
2022-12-02 CVE-2022-44362 Out-of-bounds Write vulnerability in Tenda I21 Firmware 1.0.0.14(4656)
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.
network
low complexity
tenda CWE-787
critical
9.8
2022-12-02 CVE-2022-44363 Out-of-bounds Write vulnerability in Tenda I21 Firmware 1.0.0.14(4656)
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.
network
low complexity
tenda CWE-787
critical
9.8
2022-12-02 CVE-2022-44365 Out-of-bounds Write vulnerability in Tenda I21 Firmware 1.0.0.14(4656)
Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.
network
low complexity
tenda CWE-787
critical
9.8
2022-12-02 CVE-2022-44366 Out-of-bounds Write vulnerability in Tenda I21 Firmware 1.0.0.14(4656)
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.
network
low complexity
tenda CWE-787
critical
9.8
2022-12-02 CVE-2022-44367 Out-of-bounds Write vulnerability in Tenda I21 Firmware 1.0.0.14(4656)
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.
network
low complexity
tenda CWE-787
critical
9.8
2022-11-21 CVE-2022-44171 Classic Buffer Overflow vulnerability in Tenda Ac18 Firmware 15.03.05.19
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.
network
low complexity
tenda CWE-120
critical
9.8
2022-11-21 CVE-2022-44172 Classic Buffer Overflow vulnerability in Tenda Ac18 Firmware 15.03.05.19
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.
network
low complexity
tenda CWE-120
critical
9.8
2022-11-21 CVE-2022-44174 Classic Buffer Overflow vulnerability in Tenda Ac18 Firmware 15.03.05.05
Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.
network
low complexity
tenda CWE-120
critical
9.8