Vulnerabilities > Tenda > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-30 CVE-2024-12002 NULL Pointer Dereference vulnerability in Tenda products
A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129.
network
low complexity
tenda CWE-476
6.5
2024-11-04 CVE-2024-10750 NULL Pointer Dereference vulnerability in Tenda I22 Firmware 1.0.0.3(4687)
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic.
network
low complexity
tenda CWE-476
6.5
2024-08-23 CVE-2024-44387 Out-of-bounds Write vulnerability in Tenda Fh1206 Firmware 1.2.0.8(8155)
Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the functino formWrlExtraGet.
low complexity
tenda CWE-787
6.5
2024-03-22 CVE-2024-2816 Unspecified vulnerability in Tenda Ac15 Firmware 15.03.05.18
A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18.
network
low complexity
tenda
6.5
2024-03-22 CVE-2024-2817 Unspecified vulnerability in Tenda Ac15 Firmware 15.03.05.18
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18.
network
low complexity
tenda
6.5
2023-09-06 CVE-2023-4498 Improper Authentication vulnerability in Tenda N300 Firmware 53.0.1.6
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only
network
low complexity
tenda CWE-287
5.3
2023-09-05 CVE-2021-40546 Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.
network
low complexity
tenda CWE-404
4.9
2023-08-25 CVE-2023-40802 Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn
network
low complexity
tenda CWE-787
6.5
2023-06-26 CVE-2022-40010 Cross-site Scripting vulnerability in Tenda AC6 Firmware 15.03.06.50Multi
Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.
network
low complexity
tenda CWE-79
5.4
2023-06-08 CVE-2023-34567 Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.
local
low complexity
tenda CWE-787
6.7