Vulnerabilities > Tenda > W15E Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-15 CVE-2022-40847 OS Command Injection vulnerability in Tenda W15E Firmware 15.11.0.10(1576)
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools.
local
low complexity
tenda CWE-78
7.8
7.8
2017-09-17 CVE-2017-14515 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda W15E Firmware 15.11.0.10(1576)/15.11.0.14/V15.11.0.13Cn
Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors.
network
low complexity
tenda CWE-119
7.5
7.5
2017-09-17 CVE-2017-14514 Path Traversal vulnerability in Tenda W15E Firmware 15.11.0.10(1576)/15.11.0.14/V15.11.0.13Cn
Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL.
network
low complexity
tenda CWE-22
7.5
7.5