G3 Firmware

g3_firmware

Vendor: Tendacn • 28 CVEs

CVEs (28)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-45991 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Feb 4, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter.
CVE-2021-45990 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Feb 4, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name...Show more Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name parameter.Show less
CVE-2021-45989 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Feb 4, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstre...Show more Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.Show less
CVE-2021-45988 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Feb 4, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule pa...Show more Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter.Show less
CVE-2021-45987 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Feb 4, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the ho...Show more Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the hostName parameter.Show less
CVE-2021-45986 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Feb 4, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary commands via the usb...Show more Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary commands via the usbOrdinaryUserName parameter.Show less
CVE-2021-27692 1Tendacn 2G1 Firmware G3 Firmware Nov 21, 2024 Apr 16, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request....Show more Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.Show less
CVE-2021-27691 1Tendacn 3G0 Firmware G1 FirmwareG3 Firmware Nov 21, 2024 Apr 16, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote att...Show more Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input.Show less

Previous 12