13 matches found
Buffer overflow
Tenda V15V1.0 V15.11.0.14152131901058 was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
Buffer overflow
Tenda V15V1.0 V15.11.0.14152131901058 was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2023-27063
CVE-2023-27063 affects Tenda V15V1.0 with V15.11.0.14 (1521_3190_1058). A buffer overflow in the DNSDomainName parameter of the formModifyDnsForward function allows DoS via a crafted request. The entry indicates network access, no privileges required, and high confidentiality/integrity/availabili...
PT-2023-20923 · Tenda · Tenda V15V1.0
Name of the Vulnerable Software and Affected Versions: Tenda V15V1.0 version V15.11.0.141521 3190 1058 Description: A buffer overflow issue was discovered via the wifiFilterListRemark parameter in the modifyWifiFilterRules function, allowing attackers to cause a Denial of Service DoS via a crafte...
PT-2023-20926 · Tenda · Tenda V15
Name of the Vulnerable Software and Affected Versions: Tenda V15 versions V15.11.0.141521 3190 1058 Description: A buffer overflow issue was found, allowing attackers to cause a Denial of Service DoS via a crafted request. The issue is related to the index parameter in the formDelDnsForward...
CVE-2022-45005
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the cmdgetpingoutput function...
Command injection
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the cmdgetpingoutput function...
CVE-2022-45005
CVE-2022-45005 affects IP-COM EW9 firmware v15.11.0.14(9732). The issue is a command injection in the cmd_get_ping_output function, enabling an attacker to inject commands via the affected feature. Reported impact is high (confidentiality, integrity, and availability all high) with network-expose...
CVE-2022-43367
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the formSetDebugCfg function...
Command injection
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the formSetDebugCfg function...
CVE-2022-43365
IP-COM EW9 V15.11.0.149732 was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...
CVE-2022-43366
CVE-2022-43366 affects IP-COM EW9, version 15.11.0.14(9732). The flaw allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces. NVD/CVE metrics assign CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (base score ...
CVE-2022-43365
The CVE-2022-43365 vulnerability affects IP-COM EW9 router (firmware version V15.11.0.14(9732)). A buffer overflow in the formSetDebugCfg function is described, enabling a crafted string to trigger a Denial of Service (DoS). Connected sources consistently cite the same root cause and impact witho...