Shodan
Vulnerabilities
Vulnerable Software
Tenda:  >> W20e Firmware  >> 15.11.0.6  Security Vulnerabilities
CVE-2024-3874
A vulnerability was found in Tenda W20E 15.11.0.6. It has been declared as critical. This vulnerability affects the function formSetRemoteWebManage of the file /goform/SetRemoteWebManage. The manipulation of the argument remoteIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260908. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-16
CVE-2023-26805
Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-19
CVE-2023-26806
Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime,
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-19
CVE-2022-48130
Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-02-02
CVE-2022-40855
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.
CVSS Score
9.8
EPSS Score
0.288
Published
2022-09-23
CVE-2022-40866
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-23
CVE-2022-40867
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-23
CVE-2022-40868
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved