12 matches found
EUVD-2021-33073
Malicious code in bioql PyPI...
EUVD-2021-33072
Malicious code in bioql PyPI...
The vulnerability of the Tenda AX3 Wi-Fi router’s microprogramming software, related to the execution of operations beyond the buffer in memory, allows attackers to escalate their privileges and cause service interruptions.
The vulnerability of the Tenda AX3 Wi-Fi router’s microprogramming software is related to the operation of the function that outputs data beyond the buffer in memory when processing the firewallEn parameter. Exploiting this vulnerability can allow a remote attacker to increase their privileges an...
Tenda AX3 SetFirewallCfg Buffer Overflow Vulnerability
Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a buffer overflow vulnerability that originates from a boundary error in...
Tenda AX3 Router Buffer Overflow (CVE-2022-24995)
A buffer overflow vulnerability exists in Tenda AX3 Router. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...
Stack overflow
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v13 variable is directly retrieved from the http request parameter startIp. Then v13 will be splice to stack by function sscanf without any security check, which causes stack...
Stack overflow
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...
CVE-2021-46394
CVE-2021-46394 describes a stack buffer overflow in Tenda-AX3 router, caused by taking the http parameter startIp into v13 and copying it onto the stack via sscanf in formSetPPTPServerCfg handling. Exploitation path: POST to /goform/SetPptpServerCfg with crafted startIp data can lead to remote co...
CVE-2021-46393
CVE-2021-46393 is a stack buffer overflow in the Tenda-AX3 router (V16.03.12.10_CN) due to the formSetPPTPServer function. The vulnerability arises because the v10 variable is sourced from the HTTP parameter startIp and is concatenated into the stack via sscanf without bounds checking, causing ov...
CVE-2021-46393
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...
Tenda AX3 缓冲区错误漏洞
Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. A buffer overflow vulnerability exists in Tenda AX3 v16.03.12.10CN, which can be exploited by an attacker to cause a denial of service DoS via the shareSpeed parameter...
Tenda Ax3 命令注入漏洞
Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. A command injection vulnerability exists in Tenda AX3 v16.03.12.10CN, which can be exploited by an attacker to cause a denial of service DoS via the dmzIp parameter...