Vulnerabilities > Tenda > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2021-44971 | Incorrect Comparison vulnerability in Tenda Ac15 Firmware and AC5 Firmware Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. | 9.8 |
| 2021-05-07 | CVE-2021-31755 | Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. | 9.8 |
| 2021-05-07 | CVE-2021-31756 | Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. | 9.8 |
| 2021-05-07 | CVE-2021-31757 | Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. | 9.8 |
| 2021-05-07 | CVE-2021-31758 | Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. | 9.8 |
| 2021-04-14 | CVE-2021-27707 | Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. | 9.8 |
| 2021-04-14 | CVE-2021-27706 | Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. | 9.8 |
| 2021-04-14 | CVE-2021-27705 | Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. | 9.8 |
| 2020-07-23 | CVE-2020-15916 | OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.19 goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | 9.8 |
| 2020-07-13 | CVE-2020-10988 | Use of Hard-coded Credentials vulnerability in Tenda Ac15 Firmware 15.03.05.19 A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. | 9.8 |