Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-24 CVE-2022-27082 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-24 CVE-2022-27083 Command Injection vulnerability in Tenda M3 Firmware 1.0.0.12(4856)
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic.
network
low complexity
tenda CWE-77
critical
 9.8
9.8
2022-03-18 CVE-2022-25427 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25428 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25429 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25431 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25433 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25434 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25435 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25437 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8