Filtered by vendor Tenda
Subscriptions
Total
741 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-38934 | 1 Tenda | 6 F1203, F1203 Firmware, Fh1203 and 3 more | 2023-08-09 | 9.8 Critical |
Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | ||||
CVE-2023-38932 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2023-08-09 | 9.8 Critical |
Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | ||||
CVE-2023-38930 | 1 Tenda | 10 Ac5, Ac5 Firmware, Ac7 and 7 more | 2023-08-09 | 9.8 Critical |
Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
CVE-2023-38929 | 1 Tenda | 2 4g300, 4g300 Firmware | 2023-08-09 | 9.8 Critical |
Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. | ||||
CVE-2022-40843 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-08-08 | 4.9 Medium |
The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account. | ||||
CVE-2022-40845 | 1 Tenda | 2 Ac1200 V-w15ev2, W15e Firmware | 2023-08-08 | 6.5 Medium |
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have. | ||||
CVE-2022-46538 | 1 Tenda | 2 F1203, F1203 Firmware | 2023-08-08 | 9.8 Critical |
Tenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac parameter at /goform/WriteFacMac. | ||||
CVE-2022-45996 | 1 Tenda | 2 W15e, W20e Firmware | 2023-08-08 | 7.2 High |
Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output. | ||||
CVE-2022-37810 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. | ||||
CVE-2022-45977 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2023-08-08 | 8.8 High |
Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function. | ||||
CVE-2022-36273 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. | ||||
CVE-2022-25441 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | ||||
CVE-2022-35555 | 1 Tenda | 2 W6, W6 Firmware | 2023-08-08 | 9.8 Critical |
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution. | ||||
CVE-2022-25440 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. | ||||
CVE-2022-34597 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting. | ||||
CVE-2022-34596 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting. | ||||
CVE-2022-25439 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. | ||||
CVE-2022-34595 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status. | ||||
CVE-2022-32054 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter. | ||||
CVE-2022-25438 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. |