Tenda

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-2560 1Tenda 1Ac18 Firmware Jan 22, 2025 Mar 17, 2024 N/A· v4 4.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-s...Show more A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257059. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2559 1Tenda 1Ac18 Firmware Jan 27, 2025 Mar 17, 2024 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It i...Show more A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2558 1Tenda 1Ac18 Firmware Jan 27, 2025 Mar 17, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack...Show more A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257057 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2547 1Tenda 1Ac18 Firmware Jan 27, 2025 Mar 17, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow...Show more A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2546 1Tenda 1Ac18 Firmware Mar 11, 2025 Mar 17, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-b...Show more A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2490 1Tenda 1Ac18 Firmware Jan 14, 2025 Mar 15, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/s...Show more A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256897 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2489 1Tenda 1Ac18 Firmware Jan 14, 2025 Mar 15, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based b...Show more A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256896. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2488 1Tenda 1Ac18 Firmware Jan 14, 2025 Mar 15, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads t...Show more A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256895. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2487 1Tenda 1Ac18 Firmware Jan 14, 2025 Mar 15, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devN...Show more A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256894 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2486 1Tenda 1Ac18 Firmware Jan 14, 2025 Mar 15, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to st...Show more A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256893 was assigned to this vulnerability.Show less
CVE-2024-2485 1Tenda 1Ac18 Firmware Jan 14, 2025 Mar 15, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to...Show more A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256892. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-28383 1Tenda 1Ax12 Firmware Mar 13, 2025 Mar 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 v1.0 v22.03.01.16 was discovered to contain a stack overflow via the ssid parameter in the sub_431CF0 function.
CVE-2024-28553 1Tenda 1Ac18 Firmware Nov 21, 2024 Mar 12, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function.
CVE-2024-28535 1Tenda 1Ac18 Firmware Nov 21, 2024 Mar 12, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function.
CVE-2024-25751 1Tenda 1Ac9 Firmware Mar 13, 2025 Feb 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetSysTime function.
CVE-2024-25756 1Tenda 1Ac9 Firmware Mar 13, 2025 Feb 22, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formWifiBasicSet function.
CVE-2024-25753 1Tenda 1Ac9 Firmware Mar 13, 2025 Feb 22, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function.
CVE-2024-25748 1Tenda 1Ac9 Firmware Mar 13, 2025 Feb 22, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function.
CVE-2024-25746 1Tenda 1Ac9 Firmware Mar 13, 2025 Feb 22, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the add_white_node function.
CVE-2023-24334 1Tenda 1Ac23 Firmware Mar 25, 2025 Feb 21, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.

Previous 1...555657...92 Next