Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-25417 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-24 CVE-2022-25418 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-15 CVE-2021-46262 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-15 CVE-2021-46263 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-15 CVE-2021-46264 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-15 CVE-2021-46265 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-15 CVE-2021-46321 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module.
network
low complexity
tenda CWE-787
critical
9.8
2022-02-11 CVE-2020-26728 Unspecified vulnerability in Tenda AC9 Firmware 15.03.05.19(6318)Cn/15.03.06.42Multi
A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.
network
low complexity
tenda
critical
9.8
2022-02-04 CVE-2022-24144 Command Injection vulnerability in Tenda AX3 Firmware 16.03.12.10Cn
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function WanParameterSetting.
network
low complexity
tenda CWE-77
critical
9.8
2022-02-04 CVE-2022-24148 Command Injection vulnerability in Tenda AX3 Firmware 16.03.12.10Cn
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function mDMZSetCfg.
network
low complexity
tenda CWE-77
critical
9.8