Vulnerabilities > Tenda > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-05 CVE-2023-50991 Classic Buffer Overflow vulnerability in Tenda I29 Firmware 1.0.0.2/1.0.0.5
Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function.
network
low complexity
tenda CWE-120
7.5
7.5
2023-11-30 CVE-2023-48963 Out-of-bounds Write vulnerability in Tenda I6 Firmware 1.0.0.8(3856)
Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget.
network
low complexity
tenda CWE-787
7.5
7.5
2023-11-30 CVE-2023-48964 Out-of-bounds Write vulnerability in Tenda I6 Firmware 1.0.0.8(3856)
Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet.
network
low complexity
tenda CWE-787
7.5
7.5
2023-11-27 CVE-2023-49047 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName.
network
low complexity
tenda CWE-787
7.5
7.5
2023-11-20 CVE-2023-48109 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo .
network
low complexity
tenda CWE-787
7.5
7.5
2023-11-20 CVE-2023-48110 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo .
network
low complexity
tenda CWE-787
7.5
7.5
2023-11-20 CVE-2023-48111 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo .
network
low complexity
tenda CWE-787
7.5
7.5
2023-11-14 CVE-2022-45781 Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1/1.0.0.12890/1.0.0.12994
Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName.
network
low complexity
tenda CWE-787
8.8
8.8
2023-11-07 CVE-2023-43885 Missing Authorization vulnerability in Tenda RX9 PRO Firmware 22.03.02.10
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
network
low complexity
tenda CWE-862
8.1
8.1
2023-11-07 CVE-2023-43886 Out-of-bounds Write vulnerability in Tenda RX9 PRO Firmware 22.03.02.10
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
network
low complexity
tenda CWE-787
7.1
7.1