Shodan
Vulnerabilities
Vulnerable Software
Tenda:  Security Vulnerabilities
CVE-2023-47456
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-11-07
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-11-07
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-11-07
CVE-2023-46369
Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46370
Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function.
CVSS Score
9.8
EPSS Score
0.577
Published
2023-10-25
CVE-2023-40830
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-03
CVE-2023-42320
Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.
CVSS Score
9.8
EPSS Score
0.021
Published
2023-09-18
CVE-2023-4498
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only
CVSS Score
5.3
EPSS Score
0.001
Published
2023-09-06
CVE-2021-40546
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.
CVSS Score
4.9
EPSS Score
0.0
Published
2023-09-05
CVE-2023-4744
A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.
CVSS Score
9.8
EPSS Score
0.006
Published
2023-09-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved