Security Vulnerabilities - CVEs Published In December 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function.
CVSS Score
9.8
EPSS Score
0.012
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-20
Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 was discovered to contain a command injection vulnerability via the function downFiles.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function.
CVSS Score
9.8
EPSS Score
0.012
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-20
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-20
Cross Site Scripting (XSS) vulnerability in CuteHttpFileServer v.1.0 and v.2.0 allows attackers to obtain sensitive information via the file upload function in the home page.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-12-20