Vulnerabilities > Tenda > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-20 | CVE-2023-48109 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . | 7.5 |
2023-11-20 | CVE-2023-48110 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . | 7.5 |
2023-11-20 | CVE-2023-48111 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . | 7.5 |
2023-11-14 | CVE-2022-45781 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1/1.0.0.12890 Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName. | 8.8 |
2023-11-07 | CVE-2023-43885 | Missing Authorization vulnerability in Tenda RX9 PRO Firmware 22.03.02.10 Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | 8.1 |
2023-11-07 | CVE-2023-43886 | Out-of-bounds Write vulnerability in Tenda RX9 PRO Firmware 22.03.02.10 A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory. | 7.1 |
2023-08-25 | CVE-2023-40797 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
2023-08-25 | CVE-2023-40798 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
2023-08-25 | CVE-2023-40800 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | 8.8 |
2023-08-25 | CVE-2023-40801 | Improper Input Validation vulnerability in Tenda Ac23 The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn | 8.8 |