Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2022-25431 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25433 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25434 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25435 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25437 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25438 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
network
low complexity
tenda CWE-78
critical
9.8
2022-03-18 CVE-2022-25439 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25440 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
network
low complexity
tenda CWE-787
critical
9.8
2022-03-18 CVE-2022-25441 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function.
network
low complexity
tenda CWE-78
critical
9.8
2022-03-18 CVE-2022-25445 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.09
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
network
low complexity
tenda CWE-787
critical
9.8