← Back

Tendacn

tendacn

146 CVEs • 48 products

Products (48)

Click to collapse
Toggle
G3 Firmware
g3_firmware
28 CVEs
Ac6 Firmware
ac6_firmware
27 CVEs
G1 Firmware
g1_firmware
23 CVEs
Ac10u Firmware
ac10u_firmware
23 CVEs
Ac15 Firmware
ac15_firmware
20 CVEs
Ac18 Firmware
ac18_firmware
18 CVEs
Ac9 Firmware
ac9_firmware
17 CVEs
Fh1201 Firmware
fh1201_firmware
15 CVEs
Ac10 Firmware
ac10_firmware
7 CVEs
Pa6 Firmware
pa6_firmware
4 CVEs
Ac23 Ac2100 Firmware
ac23_ac2100_firmware
4 CVEs
A301 Firmware
a301_firmware
4 CVEs
F1200 Firmware
f1200_firmware
2 CVEs
Fh1202 Firmware
fh1202_firmware
2 CVEs
F1202 Firmware
f1202_firmware
2 CVEs
Ac7 Firmware
ac7_firmware
2 CVEs
Ac9v1.0 Firmware
ac9v1.0_firmware
2 CVEs
Ac1200 Firmware
ac1200_firmware
2 CVEs
D152 Firmware
d152_firmware
1 CVE
Adsl Firmware
adsl_firmware
1 CVE
N301 Firmware
n301_firmware
1 CVE
G0 Firmware
g0_firmware
1 CVE
Cp3 Firmware
cp3_firmware
1 CVE
I29 Firmware
i29_firmware
1 CVE
F1200
f1200
0 CVEs
Fh1202
fh1202
0 CVEs
F1202
f1202
0 CVEs
Ac15
ac15
0 CVEs
Ac7
ac7
0 CVEs
Ac9
ac9
0 CVEs
Ac10
ac10
0 CVEs
Ac18
ac18
0 CVEs
D152
d152
0 CVEs
Adsl
adsl
0 CVEs
N301
n301
0 CVEs
Ac1200 Smart Dual Band Gigabit Wifi
ac1200_smart_dual-band_gigabit_wifi
0 CVEs
Ac6
ac6
0 CVEs
Pa6
pa6
0 CVEs
Ac1200
ac1200
0 CVEs
G0
g0
0 CVEs
G1
g1
0 CVEs
G3
g3
0 CVEs
Ac10u
ac10u
0 CVEs
Ac23 Ac2100
ac23_ac2100
0 CVEs
Cp3
cp3
0 CVEs
A301
a301
0 CVEs
I29
i29
0 CVEs
Fh1201
fh1201
0 CVEs

CVEs (146)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-37176
1Tendacn
1Ac6 Firmware
Nov 21, 2024
Aug 30, 2022
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWiz...Show more
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.Show less
CVE-2022-36552
1Tendacn
1Ac6 Firmware
Nov 21, 2024
Aug 30, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.
CVE-2022-36233
1Tendacn
1Ac9 Firmware
Nov 21, 2024
Aug 19, 2022
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd.
CVE-2022-32386
1Tendacn
1Ac23 Ac2100 Firmware
Nov 21, 2024
Jul 6, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
CVE-2022-32385
1Tendacn
1Ac23 Ac2100 Firmware
Nov 21, 2024
Jul 6, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
CVE-2022-32383
1Tendacn
1Ac23 Ac2100 Firmware
Nov 21, 2024
Jul 6, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
CVE-2022-32384
1Tendacn
1Ac23 Ac2100 Firmware
Nov 21, 2024
Jul 1, 2022
N/A· v4
8.8 HIGH· v3
5.8 MEDIUM· v2
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
CVE-2022-31446
1Tendacn
1Ac18 Firmware
Nov 21, 2024
Jun 14, 2022
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
CVE-2022-26243
1Tendacn
1Ac10 Firmware
Nov 21, 2024
Mar 23, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.
CVE-2021-38772
1Tendacn
1Ac10 Firmware
Nov 21, 2024
Mar 23, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
CVE-2021-38278
1Tendacn
1Ac10 Firmware
Nov 21, 2024
Mar 23, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.
CVE-2021-45401
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Feb 18, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client con...Show more
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function.Show less
CVE-2022-24172
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDhcpBindRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the addDhcpRules pa...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDhcpBindRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the addDhcpRules parameter.Show less
CVE-2022-24171
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppo...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters.Show less
CVE-2022-24170
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPse...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters.Show less
CVE-2022-24169
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindAdd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRule para...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindAdd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRule parameter.Show less
CVE-2022-24168
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpGroup. This vulnerability allows attackers to execute arbitrary commands via the IPGroupS...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpGroup. This vulnerability allows attackers to execute arbitrary commands via the IPGroupStartIP and IPGroupEndIP parameters.Show less
CVE-2022-24167
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows attackers to execute arbitrary commands via the dmzHost1 par...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows attackers to execute arbitrary commands via the dmzHost1 parameter.Show less
CVE-2022-24166
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the manualTime parameter...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the manualTime parameter.Show less
CVE-2022-24165
1Tendacn
2G1 Firmware
G3 Firmware
Nov 21, 2024
Feb 4, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanI...Show more
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter.Show less