Vulnerabilities > Tenda > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-22 | CVE-2024-2816 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac15 Firmware 15.03.05.18 A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. | 6.5 |
| 2024-03-22 | CVE-2024-2817 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac15 Firmware 15.03.05.18 A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. | 6.5 |
| 2023-09-06 | CVE-2023-4498 | Improper Authentication vulnerability in Tenda N300 Firmware 53.0.1.6 Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only | 5.3 |
| 2023-09-05 | CVE-2021-40546 | Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26 Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | 4.9 |
| 2023-08-25 | CVE-2023-40802 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | 6.5 |
| 2023-06-26 | CVE-2022-40010 | Cross-site Scripting vulnerability in Tenda AC6 Firmware 15.03.06.50Multi Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module. | 5.4 |
| 2023-06-08 | CVE-2023-34567 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | 6.7 |
| 2023-06-08 | CVE-2023-34568 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | 6.7 |
| 2023-06-08 | CVE-2023-34569 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | 6.7 |
| 2023-06-08 | CVE-2023-34570 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. | 6.7 |