Vulnerabilities > Tendacn > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-44019 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn Ac10U Firmware 15.03.06.49Multitde01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
network
low complexity
tendacn CWE-119
critical
9.8
2023-09-27 CVE-2023-44020 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn Ac10U Firmware 15.03.06.49Multitde01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.
network
low complexity
tendacn CWE-119
critical
9.8
2023-09-27 CVE-2023-44021 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn Ac10U Firmware 15.03.06.49Multitde01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function.
network
low complexity
tendacn CWE-119
critical
9.8
2023-09-27 CVE-2023-44022 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn Ac10U Firmware 15.03.06.49Multitde01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
network
low complexity
tendacn CWE-119
critical
9.8
2023-09-27 CVE-2023-44023 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn Ac10U Firmware 15.03.06.49Multitde01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
network
low complexity
tendacn CWE-119
critical
9.8
2023-09-07 CVE-2023-40942 Out-of-bounds Write vulnerability in Tendacn AC9 Firmware 15.03.06.42Multitd0
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg.
network
low complexity
tendacn CWE-787
critical
9.8
2023-07-07 CVE-2023-37144 Command Injection vulnerability in Tendacn Ac10 Firmware 15.03.06.26
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
network
low complexity
tendacn CWE-77
critical
9.8
2022-09-23 CVE-2022-40853 Out-of-bounds Write vulnerability in Tendacn Ac15 Firmware 15.03.05.19
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set
network
low complexity
tendacn CWE-787
critical
9.8
2022-09-23 CVE-2022-40860 Out-of-bounds Write vulnerability in Tendacn Ac15 Firmware 15.03.05.19
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList
network
low complexity
tendacn CWE-787
critical
9.8
2022-09-23 CVE-2022-40862 Out-of-bounds Write vulnerability in Tendacn Ac15 Firmware and Ac18 Firmware
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
network
low complexity
tendacn CWE-787
critical
9.8