Tendacn: Security Vulnerabilities
Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-19
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-07-06
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
CVSS Score
9.8
EPSS Score
0.01
Published
2022-07-06
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
CVSS Score
9.8
EPSS Score
0.031
Published
2022-07-06
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-07-01
Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
CVSS Score
9.8
EPSS Score
0.486
Published
2022-06-14
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-03-23
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-03-23
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-03-23
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function.
CVSS Score
9.8
EPSS Score
0.121
Published
2022-02-18