Tenda: >> Rx9 Pro Firmware Security Vulnerabilities
A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-10-25
A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-10-23
A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-10-23
A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.004
Published
2024-10-23
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-11-07
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-11-07
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-16
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-16
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-16