An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46 allows attackers to bypass authentication on any endpoint via a crafted URL.
CVSS Score
8.8
EPSS Score
0.0
Published
2024-02-20
Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList.
CVSS Score
9.8
EPSS Score
0.01
Published
2024-01-04
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-07
Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-07
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-25
Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/SetFirewallCfg.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-03-24
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-15
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip.
CVSS Score
9.8
EPSS Score
0.027
Published
2023-03-15
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-23
Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-03-10
Page 1