Tenda: Security Vulnerabilities
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-09-20
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-09-13
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-09-13
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-09-13
Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i
CVSS Score
9.8
EPSS Score
0.576
Published
2024-09-13
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-13
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-09-13
Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request.
CVSS Score
9.8
EPSS Score
0.098
Published
2024-09-10
Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-09-04
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.007
Published
2024-08-28