Ax1803 Firmware

ax1803_firmware

Vendor: Tenda • 60 CVEs

CVEs (60)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-48110 1Tenda 1Ax1803 Firmware Nov 21, 2024 Nov 20, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVE-2023-48109 1Tenda 1Ax1803 Firmware Nov 21, 2024 Nov 20, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
CVE-2022-45781 1Tenda 1Ax1803 Firmware Nov 21, 2024 Nov 14, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName.
CVE-2022-40876 1Tenda 1Ax1803 Firmware May 7, 2025 Oct 27, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE).
CVE-2022-40875 1Tenda 1Ax1803 Firmware May 7, 2025 Oct 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.
CVE-2022-40874 1Tenda 1Ax1803 Firmware May 7, 2025 Oct 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request.
CVE-2022-42087 1Tenda 1Ax1803 Firmware May 15, 2025 Oct 12, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-42086 1Tenda 1Ax1803 Firmware May 15, 2025 Oct 12, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.
CVE-2022-37824 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.
CVE-2022-37823 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.
CVE-2022-37822 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.
CVE-2022-37821 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince.
CVE-2022-37820 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.
CVE-2022-37819 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.
CVE-2022-37818 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
CVE-2022-37817 1Tenda 1Ax1803 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind.
CVE-2022-34596 1Tenda 1Ax1803 Firmware Nov 21, 2024 Jul 6, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-34595 1Tenda 1Ax1803 Firmware Nov 21, 2024 Jul 6, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
CVE-2022-30040 1Tenda 1Ax1803 Firmware Nov 21, 2024 May 11, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and...Show more Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service.Show less
CVE-2022-28572 1Tenda 2Ax1803 Firmware Ax1806 Firmware Nov 21, 2024 May 2, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function

Previous 1 23