Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda Subscribe
Total 741 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-37716 1 Tenda 14 Ac10, Ac10 Firmware, Ac1206 and 11 more 2023-12-10 N/A 9.8 CRITICAL
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.
CVE-2023-37717 1 Tenda 14 Ac10, Ac10 Firmware, Ac1206 and 11 more 2023-12-10 N/A 9.8 CRITICAL
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.
CVE-2023-39786 1 Tenda 2 Ac8v4, Ac8v4 Firmware 2023-12-10 N/A 7.5 HIGH
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function.
CVE-2023-37723 1 Tenda 10 4g300, 4g300 Firmware, F1202 and 7 more 2023-12-10 N/A 9.8 CRITICAL
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.
CVE-2023-43885 1 Tenda 2 Rx9 Pro, Rx9 Pro Firmware 2023-12-10 N/A 8.1 HIGH
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
CVE-2023-40893 1 Tenda 2 Ac8v4, Ac8v4 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.
CVE-2023-40843 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
CVE-2023-40847 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
CVE-2023-40904 1 Tenda 2 Ac10v4, Ac10v4 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg.
CVE-2021-40546 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 4.9 MEDIUM
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.
CVE-2023-38935 1 Tenda 10 Ac10, Ac10 Firmware, Ac1206 and 7 more 2023-12-10 N/A 9.8 CRITICAL
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.
CVE-2023-40842 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
CVE-2023-40892 1 Tenda 2 Ac8v4, Ac8v4 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi.
CVE-2023-40845 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
CVE-2023-38934 1 Tenda 6 F1203, F1203 Firmware, Fh1203 and 3 more 2023-12-10 N/A 9.8 CRITICAL
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.
CVE-2023-40800 1 Tenda 2 Ac23, Ac23 Firmware 2023-12-10 N/A 8.8 HIGH
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
CVE-2023-40891 1 Tenda 2 Ac8v4, Ac8v4 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg.
CVE-2023-40896 1 Tenda 2 Ac8v4, Ac8v4 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.
CVE-2023-40838 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
CVE-2023-40840 1 Tenda 2 Ac6, Ac6 Firmware 2023-12-10 N/A 9.8 CRITICAL
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."