Vulnerabilities > Tenda > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-30351 Inadequate Encryption Strength vulnerability in Tenda CP3 Firmware 11.10.00.2211041355
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption.
network
low complexity
tenda CWE-326
7.5
7.5
2023-05-10 CVE-2023-30356 Improper Validation of Integrity Check Value vulnerability in Tenda CP3 Firmware 11.10.00.2211041355
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware
network
low complexity
tenda CWE-354
7.5
7.5
2023-03-23 CVE-2023-27079 Command Injection vulnerability in Tenda G103 Firmware 1.0.05
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package
network
low complexity
tenda CWE-77
7.5
7.5
2023-03-13 CVE-2023-27062 Classic Buffer Overflow vulnerability in Tenda W15E Firmware 15.11.0.14
Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function.
network
low complexity
tenda CWE-120
7.5
7.5
2023-03-13 CVE-2023-27064 Classic Buffer Overflow vulnerability in Tenda W15E Firmware 15.11.0.14
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function.
network
low complexity
tenda CWE-120
7.5
7.5
2023-03-13 CVE-2023-27065 Classic Buffer Overflow vulnerability in Tenda W15E Firmware 15.11.0.14
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function.
network
low complexity
tenda CWE-120
7.5
7.5
2023-02-27 CVE-2023-25235 Out-of-bounds Write vulnerability in Tenda Ac500 Firmware 2.0.1.9(1307)
Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-30 CVE-2022-47116 Out-of-bounds Write vulnerability in Tenda A15 Firmware 15.13.07.13
Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-20 CVE-2022-45665 Classic Buffer Overflow vulnerability in Tenda I22 Firmware 1.0.0.3(4687)
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.
network
low complexity
tenda CWE-120
7.5
7.5
2022-12-20 CVE-2022-45666 Classic Buffer Overflow vulnerability in Tenda I22 Firmware 1.0.0.3(4687)
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.
network
low complexity
tenda CWE-120
7.5
7.5