Filtered by vendor Tenda
Subscribe
Total
741 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-37716 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting. | |||||
CVE-2023-37717 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient. | |||||
CVE-2023-39786 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | |||||
CVE-2023-37723 | 1 Tenda | 10 4g300, 4g300 Firmware, F1202 and 7 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting. | |||||
CVE-2023-43885 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2023-12-10 | N/A | 8.1 HIGH |
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | |||||
CVE-2023-40893 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | |||||
CVE-2023-40843 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004." | |||||
CVE-2023-40847 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check. | |||||
CVE-2023-40904 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg. | |||||
CVE-2021-40546 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 4.9 MEDIUM |
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | |||||
CVE-2023-38935 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac1206 and 7 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. | |||||
CVE-2023-40842 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler." | |||||
CVE-2023-40892 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | |||||
CVE-2023-40845 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks. | |||||
CVE-2023-38934 | 1 Tenda | 6 F1203, F1203 Firmware, Fh1203 and 3 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | |||||
CVE-2023-40800 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn. | |||||
CVE-2023-40891 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg. | |||||
CVE-2023-40896 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind. | |||||
CVE-2023-40838 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability. | |||||
CVE-2023-40840 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat." |