Tenda: Security Vulnerabilities
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
CVSS Score
9.8
EPSS Score
0.005
Published
2024-07-09
Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges.
CVSS Score
9.8
EPSS Score
0.042
Published
2024-06-04
Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.
CVSS Score
9.8
EPSS Score
0.033
Published
2024-05-24
Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.
CVSS Score
8.6
EPSS Score
0.018
Published
2024-05-24
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.
CVSS Score
5.2
EPSS Score
0.001
Published
2024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.
CVSS Score
8.0
EPSS Score
0.002
Published
2024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.
CVSS Score
7.7
EPSS Score
0.002
Published
2024-05-20
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-05-20
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-05-14