49 matches found
CVE-2024-34338
Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...
Stack overflow
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function formGetWeiXinConfig...
Stack overflow
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function R7WebsSecurityHandler...
Stack overflow
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function upgrade...
Stack overflow
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function formDelWlRfPolicy...
CVE-2023-51090
CVE-2023-51090 affects Tenda M3, specifically version 1.0.0.12(4856). The vulnerability is a stack overflow in the formGetWeiXinConfig function, caused by improper input validation/size handling, which can lead to arbitrary code execution or a denial of service. Public references from CNVD and CN...
Tenda M3 安全漏洞
Tenda M3 is an access controller from Tenda, China. A buffer overflow vulnerability exists in Tenda M3 version V1.0.0.124856, which stems from the formDelWlRfPolicy method failing to properly validate the length of input data, and can be exploited by a remote attacker to execute arbitrary code on...
CVE-2023-51093
The CVE-2023-51093 entry concerns a stack overflow in Tenda M3 V1.0.0.12(4856) caused by the fromSetLocalVlanInfo function. Affected component: fromSetLocalVlanInfo in the M3 firmware; root cause is improper input validation leading to a stack overflow. Impact is described as potential remote cod...
CVE-2022-38566
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailname parameter...
CVE-2022-38565
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailpwd parameter...
Heap overflow
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailname parameter...
Heap overflow
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service DoS via the hostname parameter...
Heap overflow
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service DoS via the MACAddr parameter...
Stack overflow
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service DoS via the adPushUID parameter...
Stack overflow
Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow in the function formDelAd...
CVE-2022-38562
CVE-2022-38562 affects Tenda M3 V1.0.0.12(4856). The issue is a heap buffer overflow in the formSetFixTools function, enabling a Denial of Service via the lan parameter. Affected software/hardware: Tenda M3 router (V1.0.0.12/4856). Root cause: heap buffer overflow in formSetFixTools. Impact: DoS ...
CVE-2022-38565
CVE-2022-38565 affects Tenda M3 V1.0.0.12(4856). A heap buffer overflow in the formEmailTest function can allow an attacker to cause a Denial of Service via the mailpwd parameter. Public sources (PT-2022-24459 and Red Hat/NVD entries) confirm the affected software and impact. Mitigation/workaroun...
CVE-2022-38565
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailpwd parameter...
CVE-2022-38566
CVE-2022-38566 affects Tenda M3, version 1.0.0.12(4856). The issue is a heap buffer overflow in the formEmailTest function when processing the mailname parameter, leading to Denial of Service. Sources consistently describe a DoS impact with no indicated remote code execution. The vulnerability is...
CVE-2022-38566
Tenda M3 V1.0.0.124856 was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service DoS via the mailname parameter...