Vulnerabilities > Tenda > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-07 | CVE-2023-43885 | Missing Authorization vulnerability in Tenda RX9 PRO Firmware 22.03.02.10 Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | 8.1 |
2023-11-07 | CVE-2023-43886 | Out-of-bounds Write vulnerability in Tenda RX9 PRO Firmware 22.03.02.10 A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory. | 7.1 |
2023-08-25 | CVE-2023-40797 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
2023-08-25 | CVE-2023-40798 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability. | 8.8 |
2023-08-25 | CVE-2023-40800 | Improper Input Validation vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | 8.8 |
2023-08-25 | CVE-2023-40801 | Improper Input Validation vulnerability in Tenda Ac23 The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn | 8.8 |
2023-08-25 | CVE-2023-40915 | Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11 Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. | 7.5 |
2023-08-21 | CVE-2023-39784 | Out-of-bounds Write vulnerability in Tenda Ac8V4 Firmware 16.03.34.06 Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function. | 7.5 |
2023-08-21 | CVE-2023-39785 | Out-of-bounds Write vulnerability in Tenda Ac8V4 Firmware 16.03.34.06 Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function. | 7.5 |
2023-08-21 | CVE-2023-39786 | Out-of-bounds Write vulnerability in Tenda Ac8V4 Firmware 16.03.34.06 Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | 7.5 |