Vulnerabilities > Tenda > High

DATE CVE VULNERABILITY TITLE RISK
2022-07-01 CVE-2022-32034 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32035 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32036 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32037 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32039 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32040 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32041 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData.
network
low complexity
tenda CWE-787
7.5
2022-07-01 CVE-2022-32043 Out-of-bounds Write vulnerability in Tenda M3 Firmware 1.0.0.12
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo.
network
low complexity
tenda CWE-787
7.5
2022-06-16 CVE-2022-30023 OS Command Injection vulnerability in Tenda HG9 Firmware 1.0.1
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
network
low complexity
tenda CWE-78
8.8
2022-06-02 CVE-2022-30425 OS Command Injection vulnerability in Tenda HG6 Firmware 3.3.0210926
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters.
network
low complexity
tenda CWE-78
8.8