Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2022
CVE-2022-24160
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function formSetDeviceName. This vulnerability allows attackers to cause a Denial of Service (DoS) via the devName parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24161
Tenda AX3 v16.03.12.10_CN was discovered to contain a heap overflow in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mac parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24162
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24163
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24164
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsHijackRule parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24165
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter.
CVSS Score
9.8
EPSS Score
0.155
Published
2022-02-04
CVE-2022-24166
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the manualTime parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24167
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows attackers to execute arbitrary commands via the dmzHost1 parameter.
CVSS Score
9.8
EPSS Score
0.043
Published
2022-02-04
CVE-2021-45997
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2021-45998
D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.
CVSS Score
9.8
EPSS Score
0.079
Published
2022-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved