Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-24 CVE-2022-27078 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27079 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setPicListItem.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27080 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setWorkmode.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27081 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27082 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27083 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-18 CVE-2022-25427 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25428 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25429 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25431 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8