Vulnerabilities > Tenda > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-24 | CVE-2022-27077 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadWeiXinPic. | 9.8 |
2022-03-24 | CVE-2022-27078 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail. | 9.8 |
2022-03-24 | CVE-2022-27079 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setPicListItem. | 9.8 |
2022-03-24 | CVE-2022-27080 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setWorkmode. | 9.8 |
2022-03-24 | CVE-2022-27081 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo. | 9.8 |
2022-03-24 | CVE-2022-27082 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo. | 9.8 |
2022-03-24 | CVE-2022-27083 | Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856) Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic. | 9.8 |
2022-03-18 | CVE-2022-25427 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. | 9.8 |
2022-03-18 | CVE-2022-25428 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. | 9.8 |
2022-03-18 | CVE-2022-25429 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21 Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. | 9.8 |