Vulnerabilities > Tenda > W18E Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-46370 Command Injection vulnerability in Tenda W18E Firmware 16.01.0.8(1576)
Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function.
network
low complexity
tenda CWE-77
critical
9.8
2023-10-25 CVE-2023-46369 Out-of-bounds Write vulnerability in Tenda W18E Firmware 16.01.0.8(1576)
Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function.
network
low complexity
tenda CWE-787
critical
9.8