Vulnerabilities > Tendacn > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2024-46628 OS Command Injection vulnerability in Tendacn G3 Firmware 15.03.05.05
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
network
low complexity
tendacn CWE-78
critical
 9.8
9.8
2024-08-07 CVE-2024-7581 Out-of-bounds Write vulnerability in Tendacn A301 Firmware 15.13.08.12
A vulnerability classified as critical has been found in Tenda A301 15.13.08.12.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-25 CVE-2024-41468 OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand
network
low complexity
tendacn CWE-78
critical
 9.8
9.8
2024-07-25 CVE-2024-41473 OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac
network
low complexity
tendacn CWE-78
critical
 9.8
9.8
2024-07-24 CVE-2024-41459 Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-24 CVE-2024-41460 Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-24 CVE-2024-41461 Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-16 CVE-2024-33180 Out-of-bounds Write vulnerability in Tendacn Ac18 Firmware 15.03.3.10
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-16 CVE-2024-33182 Out-of-bounds Write vulnerability in Tendacn Ac18 Firmware 15.03.3.10
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-16 CVE-2024-35338 Use of Hard-coded Credentials vulnerability in Tendacn I29 Firmware 1.0.0.5
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
network
low complexity
tendacn CWE-798
critical
 9.8
9.8