Shodan
Vulnerabilities
Vulnerable Software
Tendacn:  Security Vulnerabilities
CVE-2022-40853
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-40860
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-40862
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-40864
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-40865
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-40869
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-23
CVE-2022-38325
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-15
CVE-2022-38326
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-15
CVE-2022-36552
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-30
CVE-2022-37176
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved