Tenda: Security Vulnerabilities
Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-06-26
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-06-08
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-06-08
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-06-08
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-06-08
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-06-08
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-06-08
There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges.
CVSS Score
8.8
EPSS Score
0.01
Published
2023-06-06
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.
CVSS Score
9.8
EPSS Score
0.245
Published
2023-06-02
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-06-02