Vulnerabilities > Tenda > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-17 | CVE-2024-2560 | Unspecified vulnerability in Tenda Ac18 Firmware 15.03.05.05 A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. | 4.3 |
| 2024-03-17 | CVE-2024-2559 | Unspecified vulnerability in Tenda Ac18 Firmware 15.03.05.05 A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. | 6.5 |
| 2023-09-06 | CVE-2023-4498 | Improper Authentication vulnerability in Tenda N300 Firmware 53.0.1.6 Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only | 5.3 |
| 2023-09-05 | CVE-2021-40546 | Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26 Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | 4.9 |
| 2023-08-25 | CVE-2023-40802 | Out-of-bounds Write vulnerability in Tenda Ac23 Firmware 16.03.07.45Cn The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | 6.5 |
| 2023-06-26 | CVE-2022-40010 | Cross-site Scripting vulnerability in Tenda AC6 Firmware 15.03.06.50Multi Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module. | 5.4 |
| 2023-06-08 | CVE-2023-34567 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | 6.7 |
| 2023-06-08 | CVE-2023-34568 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | 6.7 |
| 2023-06-08 | CVE-2023-34569 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | 6.7 |
| 2023-06-08 | CVE-2023-34570 | Out-of-bounds Write vulnerability in Tenda Ac10 Firmware Usac10V4.0Siv16.03.10.13Cn Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. | 6.7 |