Shodan
Vulnerabilities
Vulnerable Software
Tendacn:  Security Vulnerabilities
CVE-2022-26243
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-03-23
CVE-2021-45401
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function.
CVSS Score
9.8
EPSS Score
0.118
Published
2022-02-18
CVE-2022-24168
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpGroup. This vulnerability allows attackers to execute arbitrary commands via the IPGroupStartIP and IPGroupEndIP parameters.
CVSS Score
9.8
EPSS Score
0.043
Published
2022-02-04
CVE-2022-24169
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindAdd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRule parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24170
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters.
CVSS Score
9.8
EPSS Score
0.155
Published
2022-02-04
CVE-2022-24171
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters.
CVSS Score
9.8
EPSS Score
0.155
Published
2022-02-04
CVE-2022-24172
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDhcpBindRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the addDhcpRules parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24164
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsHijackRule parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04
CVE-2022-24165
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter.
CVSS Score
9.8
EPSS Score
0.155
Published
2022-02-04
CVE-2022-24166
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the manualTime parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved