← Back

Tendacn

tendacn

146 CVEs • 48 products

Products (48)

Click to collapse
Toggle
G3 Firmware
g3_firmware
28 CVEs
Ac6 Firmware
ac6_firmware
27 CVEs
G1 Firmware
g1_firmware
23 CVEs
Ac10u Firmware
ac10u_firmware
23 CVEs
Ac15 Firmware
ac15_firmware
20 CVEs
Ac18 Firmware
ac18_firmware
18 CVEs
Ac9 Firmware
ac9_firmware
17 CVEs
Fh1201 Firmware
fh1201_firmware
15 CVEs
Ac10 Firmware
ac10_firmware
7 CVEs
Pa6 Firmware
pa6_firmware
4 CVEs
Ac23 Ac2100 Firmware
ac23_ac2100_firmware
4 CVEs
A301 Firmware
a301_firmware
4 CVEs
F1200 Firmware
f1200_firmware
2 CVEs
Fh1202 Firmware
fh1202_firmware
2 CVEs
F1202 Firmware
f1202_firmware
2 CVEs
Ac7 Firmware
ac7_firmware
2 CVEs
Ac9v1.0 Firmware
ac9v1.0_firmware
2 CVEs
Ac1200 Firmware
ac1200_firmware
2 CVEs
D152 Firmware
d152_firmware
1 CVE
Adsl Firmware
adsl_firmware
1 CVE
N301 Firmware
n301_firmware
1 CVE
G0 Firmware
g0_firmware
1 CVE
Cp3 Firmware
cp3_firmware
1 CVE
I29 Firmware
i29_firmware
1 CVE
F1200
f1200
0 CVEs
Fh1202
fh1202
0 CVEs
F1202
f1202
0 CVEs
Ac15
ac15
0 CVEs
Ac7
ac7
0 CVEs
Ac9
ac9
0 CVEs
Ac10
ac10
0 CVEs
Ac18
ac18
0 CVEs
D152
d152
0 CVEs
Adsl
adsl
0 CVEs
N301
n301
0 CVEs
Ac1200 Smart Dual Band Gigabit Wifi
ac1200_smart_dual-band_gigabit_wifi
0 CVEs
Ac6
ac6
0 CVEs
Pa6
pa6
0 CVEs
Ac1200
ac1200
0 CVEs
G0
g0
0 CVEs
G1
g1
0 CVEs
G3
g3
0 CVEs
Ac10u
ac10u
0 CVEs
Ac23 Ac2100
ac23_ac2100
0 CVEs
Cp3
cp3
0 CVEs
A301
a301
0 CVEs
I29
i29
0 CVEs
Fh1201
fh1201
0 CVEs

CVEs (146)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-24164
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsHijackRule par...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsHijackRule parameter.Show less
CVE-2021-45997
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServe...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.Show less
CVE-2021-45996
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServe...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.Show less
CVE-2021-45995
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetStaticRoute. This vulnerability allows attackers to cause a Denial of Service (DoS) via the staticRouteNet,...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetStaticRoute. This vulnerability allows attackers to cause a Denial of Service (DoS) via the staticRouteNet, staticRouteMask, and staticRouteGateway parameters.Show less
CVE-2021-45994
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the delDhcpIndex parame...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the delDhcpIndex parameter.Show less
CVE-2021-45993
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindModify. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRuleIP...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindModify. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRuleIP and IPMacBindRuleMac parameters.Show less
CVE-2021-45992
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qvlanName paramete...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qvlanName parameter.Show less
CVE-2021-45991
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter.
CVE-2021-45990
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name parameter.Show less
CVE-2021-45989
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstre...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.Show less
CVE-2021-45988
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule pa...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter.Show less
CVE-2021-45987
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the ho...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the hostName parameter.Show less
CVE-2021-45986
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary commands via the usb...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary commands via the usbOrdinaryUserName parameter.Show less
CVE-2021-44352
1Tendacn
1Ac15 Firmware
Nov 21, 2024
Dec 3, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.
CVE-2021-31627
1Tendacn
1Ac9 Firmware
Nov 21, 2024
Oct 29, 2021
N/A· v4
8.8 HIGH· v3
5.8 MEDIUM· v2
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.
CVE-2021-31624
1Tendacn
1Ac9 Firmware
Nov 21, 2024
Oct 29, 2021
N/A· v4
8.8 HIGH· v3
5.8 MEDIUM· v2
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.
CVE-2020-22079
1Tendacn
2Ac10u Firmware
Ac9 Firmware
Nov 21, 2024
Oct 29, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.
CVE-2020-20746
1Tendacn
1Ac9 Firmware
Nov 21, 2024
Sep 30, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.
CVE-2021-27692
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Apr 16, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request....Show more
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.Show less
CVE-2021-27691
1Tendacn
3G0 Firmware
G1 FirmwareG3 Firmware
Nov 21, 2024
Apr 16, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote att...Show more
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input.Show less