CVE-2024-4170

Tenda 4G300 with firmware 1.01.42 is affected by a stack-based buffer overflow in the function sub_429A30 caused by manipulation of the list1 argument. The issue can be exploited remotely and is rated Critical (CVSS 3.1/3.0 ranges showing high impact). Several connected sources confirm the behavi...

CVE-2024-4168

A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability...

CVE-2024-4166

A vulnerability has been found in Tenda 4G300 1.01.42 and classified as critical. Affected by this vulnerability is the function sub41E858. The manipulation of the argument GO/page leads to stack-based buffer overflow. The attack can be launched remotely. The identifier VDB-261985 was assigned to...

CVE-2024-4167

A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow. The attack may be launched remotely. VDB-261986 is the identifier...

CVE-2024-4167 Tenda 4G300 sub_422AA4 stack-based overflow

A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow. The attack may be launched remotely. VDB-261986 is the identifier...

CVE-2024-4167

CVE-2024-4167 affects Tenda 4G300 with firmware 1.01.42. The vulnerability targets the function sub_422AA4 and arises from manipulation of year/month/day/hour/minute/second arguments, causing a stack-based buffer overflow that can be exploited remotely. References indicate VDB-261986 as the vulne...

CVE-2024-4126

A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. This issue affects the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument manualTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...

CVE-2024-4124

A vulnerability, which was classified as critical, was found in Tenda W15E 15.11.0.14. This affects the function formSetRemoteWebManage of the file /goform/SetRemoteWebManage. The manipulation of the argument remoteIP leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2024-4125

CVE-2024-4125 – Tenda W15E Affected: Tenda W15E router, version 15.11.0.14. Vulnerable component: the function formSetStaticRoute in file /goform/setStaticRoute. Root cause: manipulation of the staticRouteIndex argument leads to a stack-based buffer overflow. Impact: enables remote execution with...

CVE-2024-4123

CVE-2024-4123 affects Tenda W15E firmware 15.11.0.14. The vulnerability is a stack-based overflow in the function formSetPortMapping of /goform/SetPortMapping, triggered by manipulating arguments portMappingServer/portMappingProtocol/portMappingWan/porMappingtInternal/portMappingExternal. It can ...

CVE-2024-4121

A vulnerability classified as critical has been found in Tenda W15E 15.11.0.14. Affected is the function formQOSRuleDel. The manipulation of the argument qosIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-261864...

CVE-2024-4122

A vulnerability classified as critical was found in Tenda W15E 15.11.0.14. Affected by this vulnerability is the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack can be launched remotely...

CVE-2024-4122

CVE-2024-4122 affects Tenda W15E (firmware 15.11.0.14). Affects the function formSetDebugCfg in /goform/setDebugCfg; manipulating enable/level/module causes a stack-based buffer overflow. The vulnerability can be exploited remotely and exploit details have been published. Multiple connected sourc...

CVE-2024-4121 Tenda W15E formQOSRuleDel stack-based overflow

A vulnerability classified as critical has been found in Tenda W15E 15.11.0.14. Affected is the function formQOSRuleDel. The manipulation of the argument qosIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-261864...

CVE-2024-4118

A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. This affects the function formIPMacBindAdd of the file /goform/addIpMacBind. The manipulation of the argument IPMacBindRule leads to stack-based buffer overflow. It is possible to initiate the attack remotely...

CVE-2024-4119

The CVE-2024-4119 entry concerns the Tenda W15E router (firmware 15.11.0.14). The vulnerability is in the function formIPMacBindDel (file /goform/delIpMacBind) where improper validation of the IPMacBindIndex input leads to a stack-based buffer overflow. It is exploitable remotely and, per sources...

CVE-2024-4118 Tenda W15E addIpMacBind formIPMacBindAdd stack-based overflow

A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. This affects the function formIPMacBindAdd of the file /goform/addIpMacBind. The manipulation of the argument IPMacBindRule leads to stack-based buffer overflow. It is possible to initiate the attack remotely...

CVE-2024-4118

The CVE-2024-4118 entry affects Tenda W15E version 15.11.0.14. The vulnerability lies in the formIPMacBindAdd function of the /goform/addIpMacBind file, where manipulating the IPMacBindRule parameter triggers a stack-based buffer overflow. This can be exploited remotely, and public exploit inform...

CVE-2024-4115

A vulnerability, which was classified as critical, was found in Tenda W15E 15.11.0.14. Affected is the function formAddDnsForward of the file /goform/AddDnsForward. The manipulation of the argument DnsForwardRule leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2024-4117

CVE-2024-4117 affects Tenda W15E v15.11.0.14. The vulnerability is a stack-based buffer overflow in the function formDelPortMapping() of the endpoint /goform/DelPortMapping . Exploitation arises from naive handling of the portMappingIndex parameter, enabling a remote attacker to potentially compr...