454 matches found
CVE-2018-14559
CVE-2018-14559 describes a buffer overflow in Tenda devices (AC7 firmware V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN) caused by writing POST list parameters with sprintf to a stack variable in the httpd web server, which can overwrite a return address. Primary impact is high...
Tenda AC7, AC9 and AC10 Command Injection Vulnerabilities
The Tenda AC7, AC9 and AC10 are all wireless router products from Tenda, a Chinese company. A command injection vulnerability exists in the Tenda AC7, AC9, and AC10. An attacker can exploit this vulnerability by sending a specially crafted request to execute arbitrary operating system commands...
Command injection
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44CNAC7, AC9 devices with firmware through V15.03.05.196318CNAC9, and AC10 devices with firmware through V15.03.06.23CNAC10. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a craft...
CVE-2018-14558
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44CNAC7, AC9 devices with firmware through V15.03.05.196318CNAC9, and AC10 devices with firmware through V15.03.06.23CNAC10. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a craft...
CVE-2018-14558
CVE-2018-14558 affects Tenda AC7/AC9/AC10 routers (firmware: AC7 ≤ V15.03.06.44_CN, AC9 ≤ V15.03.05.19(6318)_CN, AC10 ≤ V15.03.06.23_CN). The flaw arises in the formsetUsbUnload function, which calls dosystemCmd with untrusted input via a crafted goform/setUsbUnload request, leading to arbitrary ...
CVE-2018-18732
An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request,...
Buffer overflow
An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and 'endIp' parameters for a pos...
Buffer overflow
An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function...
CVE-2018-18729
Affected devices are Tenda routers AC7 (V15.03.06.44_CN), AC9 (V15.03.05.19(6318)_CN), AC10 (V15.03.06.23_CN), AC15 (V15.03.05.19_CN), and AC18 (V15.03.05.19(6318)_CN). The issue is a heap-based buffer overflow in the router web server (httpd). During processing of the mac parameter for a POST re...
CVE-2018-18706
CVE-2018-18706 affects Tenda AC7/AC9/AC10/AC15/AC18 routers. The vulnerability exists in the router’s web server (httpd) where, on processing the page parameter of the function fromDhcpListClient , the value is directly used in a sprintf into a stack-based local variable, overriding the function’...
Buffer Overflow Vulnerability in Multiple Tenda Products
Tenda AC7 and others are wireless router products from Tenda, a Chinese company. A buffer overflow vulnerability exists in the web server of multiple Tenda products. An attacker could exploit this vulnerability to cause a denial of service...
CVE-2018-14492
Tenda AC7 through V15.03.06.44CN, AC9 through V15.03.05.196318CN, and AC10 through V15.03.06.23CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI...
Stack overflow
Tenda AC7 through V15.03.06.44CN, AC9 through V15.03.05.196318CN, and AC10 through V15.03.06.23CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI...
CVE-2018-14492
The CVE-2018-14492 entry affects Tenda router models AC7 (firmware up to 15.03.06.44_CN), AC9 (up to 15.03.05.19(6318)_CN), and AC10 (up to 15.03.06.23_CN). A stack-based buffer overflow is triggered by a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. No explicit patch/v...