Security Vulnerabilities - CVEs Published In August 2022
Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-28
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-28
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-28
Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-28
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
CVSS Score
9.8
EPSS Score
0.202
Published
2022-08-28
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
CVSS Score
9.8
EPSS Score
0.032
Published
2022-08-28
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.
CVSS Score
9.8
EPSS Score
0.651
Published
2022-08-28
Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-08-28
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-28
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
CVSS Score
9.8
EPSS Score
0.02
Published
2022-08-28