Vulnerabilities > Tendacn > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-23 CVE-2022-40864 Out-of-bounds Write vulnerability in Tendacn Ac15 Firmware and Ac18 Firmware
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2022-09-23 CVE-2022-40865 Out-of-bounds Write vulnerability in Tendacn Ac15 Firmware and Ac18 Firmware
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2022-09-23 CVE-2022-40869 Out-of-bounds Write vulnerability in Tendacn Ac15 Firmware and Ac18 Firmware
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2022-09-15 CVE-2022-38325 Classic Buffer Overflow vulnerability in Tendacn Ac15 Firmware and Ac18 Firmware
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
network
low complexity
tendacn CWE-120
critical
 9.8
9.8
2022-09-15 CVE-2022-38326 Classic Buffer Overflow vulnerability in Tendacn Ac15 Firmware and Ac18 Firmware
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
network
low complexity
tendacn CWE-120
critical
 9.8
9.8
2022-08-30 CVE-2022-37176 Unspecified vulnerability in Tendacn AC6 Firmware
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
network
low complexity
tendacn
critical
 9.8
9.8
2022-07-06 CVE-2022-32383 Out-of-bounds Write vulnerability in Tendacn Ac23 Ac2100 Firmware 16.03.07.44
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2022-07-06 CVE-2022-32385 Out-of-bounds Write vulnerability in Tendacn Ac23 Ac2100 Firmware 16.03.07.44
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2022-07-06 CVE-2022-32386 Out-of-bounds Write vulnerability in Tendacn Ac23 Ac2100 Firmware 16.03.07.44
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2022-06-14 CVE-2022-31446 OS Command Injection vulnerability in Tendacn Ac18 Firmware 15.03.05.05/15.03.05.19
Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
network
low complexity
tendacn CWE-78
critical
 9.8
9.8