5 matches found
Command injection
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function...
CVE-2022-41396
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters...
CVE-2022-42060
The CVE-2022-42060 issue affects Tenda AC1200 Router Model W15Ev2 with firmware 15.11.0.10(1576). A stack overflow in the setWanPpoe function can be triggered by crafted data, resulting in Denial of Service. Reported sources consistently describe a DoS impact and do not provide exploitation detai...
CVE-2022-40845
The Tenda AC1200 Router model W15Ev2 V15.11.0.101576 is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not...
CVE-2022-40845
CVE-2022-40845 affects the Tenda AC1200 Router model W15Ev2 with firmware V15.11.0.10(1576). The vulnerability is a password exposure caused by improper authorization/improper session management, enabling an attacker with router access to view sensitive information not explicitly authorized. CVSS...