Filtered by vendor Tenda
Subscriptions
Total
741 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43885 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2023-11-16 | 8.1 High |
| Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | ||||
| CVE-2023-43886 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2023-11-16 | 7.1 High |
| A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory. | ||||
| CVE-2023-47455 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-11-14 | 9.1 Critical |
| Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size. | ||||
| CVE-2023-47456 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-11-14 | 9.1 Critical |
| Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat. | ||||
| CVE-2023-4498 | 1 Tenda | 2 N300, N300 Firmware | 2023-11-07 | 5.3 Medium |
| Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only | ||||
| CVE-2023-34571 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-11-07 | 6.7 Medium |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet. | ||||
| CVE-2023-34570 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-11-07 | 6.7 Medium |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. | ||||
| CVE-2023-34569 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-11-07 | 6.7 Medium |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | ||||
| CVE-2023-34568 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-11-07 | 6.7 Medium |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | ||||
| CVE-2023-34567 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-11-07 | 6.7 Medium |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | ||||
| CVE-2023-34566 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-11-07 | 9.8 Critical |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo. | ||||
| CVE-2023-29681 | 1 Tenda | 2 N301, N301 Firmware | 2023-11-07 | 5.7 Medium |
| Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | ||||
| CVE-2023-29680 | 1 Tenda | 2 N301, N301 Firmware | 2023-11-07 | 5.7 Medium |
| Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | ||||
| CVE-2020-35391 | 1 Tenda | 2 F3, F3 Firmware | 2023-11-07 | 6.5 Medium |
| Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must be placed after the RouterCfm.cfg filename, or that the HTTP request headers must be unusual, but it is not known why these are relevant to the device's HTTP response behavior. | ||||
| CVE-2023-46370 | 1 Tenda | 2 W18e, W18e Firmware | 2023-11-01 | 9.8 Critical |
| Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function. | ||||
| CVE-2023-46369 | 1 Tenda | 2 W18e, W18e Firmware | 2023-11-01 | 9.8 Critical |
| Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function. | ||||
| CVE-2023-40830 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-10-06 | 9.8 Critical |
| Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | ||||
| CVE-2023-42320 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-09-21 | 9.8 Critical |
| Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. | ||||
| CVE-2021-40546 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-09-07 | 4.9 Medium |
| Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | ||||
| CVE-2023-40844 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-09-07 | 9.8 Critical |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.' | ||||