Security Vulnerabilities - CVEs Published In August 2022
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-25
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection.
CVSS Score
5.4
EPSS Score
0.007
Published
2022-08-25
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint.
CVSS Score
5.4
EPSS Score
0.006
Published
2022-08-25
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-25