Tenda: Security Vulnerabilities
Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-03
In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE).
CVSS Score
9.8
EPSS Score
0.025
Published
2022-10-27
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-10-27
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-10-27
Tenda 11N with firmware version V5.07.33_cn suffers from an Authentication Bypass vulnerability.
CVSS Score
9.8
EPSS Score
0.866
Published
2022-10-20
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-19
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-19
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-19
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-19
Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-19