Shodan
Vulnerabilities
Vulnerable Software
Tenda:  Security Vulnerabilities
CVE-2023-48109
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-20
CVE-2023-48110
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-20
CVE-2023-48111
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-20
CVE-2022-45781
Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-11-14
CVE-2023-47455
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-11-07
CVE-2023-47456
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-11-07
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-11-07
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-11-07
CVE-2023-46369
Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-10-25
CVE-2023-46370
Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function.
CVSS Score
9.8
EPSS Score
0.577
Published
2023-10-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved