Vulnerabilities > Tenda > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-07 | CVE-2021-31758 | Out-of-bounds Write vulnerability in Tenda Ac11 Firmware 02.03.01.104Cn An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. | 9.8 |
| 2021-04-14 | CVE-2021-27707 | Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. | 9.8 |
| 2021-04-14 | CVE-2021-27706 | Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. | 9.8 |
| 2021-04-14 | CVE-2021-27705 | Classic Buffer Overflow vulnerability in Tenda G1 Firmware and G3 Firmware Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. | 9.8 |
| 2020-07-23 | CVE-2020-15916 | OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.19 goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | 9.8 |
| 2020-07-13 | CVE-2020-10988 | Use of Hard-coded Credentials vulnerability in Tenda Ac15 Firmware 15.03.05.19 A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. | 9.8 |
| 2020-07-13 | CVE-2020-10987 | OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.19 The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. | 9.8 |
| 2018-10-30 | CVE-2018-14558 | OS Command Injection vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 9.8 |
| 2018-10-29 | CVE-2018-18729 | Out-of-bounds Write vulnerability in Tenda products An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. | 9.8 |
| 2018-10-29 | CVE-2018-18728 | OS Command Injection vulnerability in Tenda Ac15 Firmware, Ac18 Firmware and AC9 Firmware An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. | 9.8 |