Vulnerabilities > Tenda > W30E Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-49410 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the function set_wan_status.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-49999 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-50000 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formResetMeshNode.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-50001 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formUpgradeMeshOnline.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-12-07 CVE-2023-50002 Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-02-27 CVE-2023-25231 Out-of-bounds Write vulnerability in Tenda W30E Firmware V1.0.1.25(633)
Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-12-08 CVE-2022-45505 Out-of-bounds Write vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-08 CVE-2022-45506 OS Command Injection vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-12-08 CVE-2022-45507 Out-of-bounds Write vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName.
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-08 CVE-2022-45508 Out-of-bounds Write vulnerability in Tenda W30E Firmware 1.0.1.25(633)
Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the new_account parameter at /goform/editUserName.
network
low complexity
tenda CWE-787
7.5
7.5