Vulnerabilities > Tenda > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-06 | CVE-2022-34596 | OS Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.12890 Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting. | 9.8 |
2022-07-06 | CVE-2022-34597 | OS Command Injection vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting. | 9.8 |
2022-07-01 | CVE-2022-32032 | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule. | 9.8 |
2022-05-26 | CVE-2022-30472 | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318) Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat | 9.8 |
2022-05-26 | CVE-2022-30474 | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318) Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | 9.8 |
2022-05-26 | CVE-2022-30476 | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318) Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. | 9.8 |
2022-05-26 | CVE-2022-30477 | Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318) Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request. | 9.8 |
2022-05-10 | CVE-2022-29591 | Classic Buffer Overflow vulnerability in Tenda TX9 PRO Firmware 22.03.02.10 Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. | 9.8 |
2022-05-05 | CVE-2022-29592 | OS Command Injection vulnerability in Tenda TX9 PRO Firmware 22.03.02.10 Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route). | 9.8 |
2022-05-04 | CVE-2022-28557 | OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.20Multitde01 There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution | 9.8 |