Tenda

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-28556 1Tenda 1Ac15 Firmware Nov 21, 2024 May 4, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are...Show more Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow. Similarly, this vulnerability can be used together with CVE-2021-44971Show less
CVE-2022-28082 1Tenda 1Ax12 Firmware Nov 21, 2024 May 4, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.
CVE-2022-28561 1Tenda 1Ax12 Firmware Nov 21, 2024 May 3, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
CVE-2022-28560 1Tenda 1Ac9 Firmware Nov 21, 2024 May 3, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
CVE-2022-28572 1Tenda 2Ax1803 Firmware Ax1806 Firmware Nov 21, 2024 May 2, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
CVE-2022-27375 1Tenda 1Ax12 Firmware Nov 21, 2024 Apr 25, 2022 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.
CVE-2022-27374 1Tenda 1Ax12 Firmware Nov 21, 2024 Apr 25, 2022 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.
CVE-2022-27022 1Tenda 1Ac9 Firmware Nov 21, 2024 Apr 7, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload.
CVE-2022-27016 1Tenda 1Ac9 Firmware Nov 21, 2024 Apr 7, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.
CVE-2022-26278 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 28, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
CVE-2022-27083 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadAccessCodePic.
CVE-2022-27082 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo.
CVE-2022-27081 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/SetLanInfo.
CVE-2022-27080 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setWorkmode.
CVE-2022-27079 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setPicListItem.
CVE-2022-27078 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setAdInfoDetail.
CVE-2022-27077 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /cgi-bin/uploadWeiXinPic.
CVE-2022-27076 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/delAd.
CVE-2022-26536 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/setFixTools.
CVE-2022-26290 1Tenda 1M3 Firmware Nov 21, 2024 Mar 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac.

Previous 1...858687...92 Next