Shodan
Vulnerabilities
Vulnerable Software
Tenda:  Security Vulnerabilities
CVE-2023-40830
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-42320
Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.
CVSS Score
9.8
EPSS Score
0.018
Published
2023-09-18
CVE-2023-4498
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only
CVSS Score
5.3
EPSS Score
0.001
Published
2023-09-06
CVE-2021-40546
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.
CVSS Score
4.9
EPSS Score
0.0
Published
2023-09-05
CVE-2023-4744
A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-09-04
CVE-2023-40837
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute commands.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-30
CVE-2023-40838
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-08-30
CVE-2023-40839
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-30
CVE-2023-40840
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-30
CVE-2023-40841
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved