Vulnerabilities > Tenda > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-15 | CVE-2022-40844 | Cross-site Scripting vulnerability in Tenda W15E Firmware 15.11.0.10(1576) In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) issue exists allowing an attacker to execute JavaScript code via the applications website filtering tab, specifically the URL body. | 5.4 |
2022-11-15 | CVE-2022-40846 | Cross-site Scripting vulnerability in Tenda W15E Firmware 15.11.0.10(1576) In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) vulnerability exists allowing an attacker to execute JavaScript code via the applications stored hostname. | 4.8 |
2022-11-15 | CVE-2022-40843 | Unspecified vulnerability in Tenda W15E Firmware 15.11.0.10(1576) The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. | 4.9 |
2022-11-15 | CVE-2022-40845 | Forced Browsing vulnerability in Tenda W15E Firmware 15.11.0.10(1576) The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. | 6.5 |
2022-10-12 | CVE-2022-42077 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
2022-10-12 | CVE-2022-42078 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | 6.5 |
2022-10-12 | CVE-2022-42086 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax1803 Firmware 1.0.0.12994Cnzgyd014 Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode. | 6.5 |
2022-10-12 | CVE-2022-42087 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax1803 Firmware 1.0.0.12994Cnzgyd014 Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
2022-09-23 | CVE-2022-40103 | Out-of-bounds Write vulnerability in Tenda I9 Firmware 1.0.0.8(3828) Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. | 5.5 |
2022-08-25 | CVE-2022-37292 | Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. | 5.5 |