Vulnerabilities > Tenda > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-07 CVE-2023-43885 Missing Authorization vulnerability in Tenda RX9 PRO Firmware 22.03.02.10
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
network
low complexity
tenda CWE-862
8.1
2023-11-07 CVE-2023-43886 Out-of-bounds Write vulnerability in Tenda RX9 PRO Firmware 22.03.02.10
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
network
low complexity
tenda CWE-787
7.1
2023-08-25 CVE-2023-40797 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40798 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40800 Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40801 Improper Input Validation vulnerability in Tenda Ac23
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn
network
low complexity
tenda CWE-20
8.8
2023-08-25 CVE-2023-40915 Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set.
network
low complexity
tenda CWE-787
7.5
2023-08-21 CVE-2023-39784 Out-of-bounds Write vulnerability in Tenda Ac8V4 Firmware 16.03.34.06
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function.
network
low complexity
tenda CWE-787
7.5
2023-08-21 CVE-2023-39785 Out-of-bounds Write vulnerability in Tenda Ac8V4 Firmware 16.03.34.06
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function.
network
low complexity
tenda CWE-787
7.5
2023-08-21 CVE-2023-39786 Out-of-bounds Write vulnerability in Tenda Ac8V4 Firmware 16.03.34.06
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function.
network
low complexity
tenda CWE-787
7.5