Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-08-16 CVE-2022-36273 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-08-12 CVE-2022-35555 OS Command Injection vulnerability in Tenda W6 Firmware 1.0.0.9(4122)
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-08-12 CVE-2022-35559 Out-of-bounds Write vulnerability in Tenda W6 Firmware 1.0.0.9(4122)
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-07-07 CVE-2022-32054 OS Command Injection vulnerability in Tenda Ac10 Firmware 15.03.06.26
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-07-06 CVE-2022-34595 OS Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.12890
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-07-06 CVE-2022-34596 OS Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.12890
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-07-06 CVE-2022-34597 OS Command Injection vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-07-01 CVE-2022-32032 Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-05-26 CVE-2022-30472 Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)
Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-05-26 CVE-2022-30474 Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19(6318)
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.
network
low complexity
tenda CWE-787
critical
 9.8
9.8