Filtered by vendor Tenda
Subscribe
Total
496 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2923 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-06-03 | N/A | 9.8 CRITICAL |
A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2023-31587 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2023-05-22 | N/A | 9.8 CRITICAL |
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. | |||||
CVE-2023-2649 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2023-05-20 | N/A | 8.8 HIGH |
A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2023-30354 | 1 Tenda | 2 Cp3, Cp3 Firmware | 2023-05-18 | N/A | 9.8 CRITICAL |
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access. | |||||
CVE-2023-30351 | 1 Tenda | 2 Cp3, Cp3 Firmware | 2023-05-17 | N/A | 7.5 HIGH |
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials. | |||||
CVE-2023-30352 | 1 Tenda | 2 Cp3, Cp3 Firmware | 2023-05-17 | N/A | 9.8 CRITICAL |
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. | |||||
CVE-2023-30353 | 1 Tenda | 2 Cp3, Cp3 Firmware | 2023-05-17 | N/A | 9.8 CRITICAL |
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. | |||||
CVE-2023-30356 | 1 Tenda | 2 Cp3, Cp3 Firmware | 2023-05-17 | N/A | 7.5 HIGH |
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware | |||||
CVE-2023-30135 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2023-05-11 | N/A | 9.8 CRITICAL |
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function. | |||||
CVE-2023-29680 | 1 Tenda | 2 N301, N301 Firmware | 2023-05-09 | N/A | 5.7 MEDIUM |
Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | |||||
CVE-2023-29681 | 1 Tenda | 2 N301, N301 Firmware | 2023-05-09 | N/A | 5.7 MEDIUM |
Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | |||||
CVE-2023-30378 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-30375 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-30376 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-30369 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | |||||
CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-30368 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. | |||||
CVE-2023-30373 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-30370 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-30372 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. |