Vulnerabilities > Tenda > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2022-24150 Command Injection vulnerability in Tenda AX3 Firmware 16.03.12.10Cn
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function formSetSafeWanWebMan.
network
low complexity
tenda CWE-77
critical
9.8
2022-01-28 CVE-2021-44971 Incorrect Comparison vulnerability in Tenda Ac15 Firmware and AC5 Firmware
Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on.
network
low complexity
tenda CWE-697
critical
9.8
2021-05-07 CVE-2021-31755 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.
network
low complexity
tenda CWE-787
critical
9.8
2021-05-07 CVE-2021-31756 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.
network
low complexity
tenda CWE-787
critical
9.8
2021-05-07 CVE-2021-31757 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.
network
low complexity
tenda CWE-787
critical
9.8
2021-05-07 CVE-2021-31758 Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN.
network
low complexity
tenda CWE-787
critical
9.8
2021-04-14 CVE-2021-27707 Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request.
network
low complexity
tenda CWE-120
critical
9.8
2021-04-14 CVE-2021-27706 Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request.
network
low complexity
tenda CWE-120
critical
9.8
2021-04-14 CVE-2021-27705 Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request.
network
low complexity
tenda CWE-120
critical
9.8
2020-07-23 CVE-2020-15916 OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.19
goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter.
network
low complexity
tenda CWE-78
critical
9.8