23 matches found
CVE-2022-40844
In Tenda Shenzhen Tenda Technology Co., Ltd AC1200 Router model W15Ev2 V15.11.0.101576, a Stored Cross Site Scripting XSS issue exists allowing an attacker to execute JavaScript code via the applications website filtering tab, specifically the URL body...
Tenda AC1200 authorization error vulnerability
Tenda AC1200 is a wireless router from Tenda, China. Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 is vulnerable to an authorization error. An authenticated attacker can use this vulnerability to read the router's syslog.log file, which contains the MD5 password for the administrator user...
CVE-2022-42058
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a stack overflow via the setRemoteWebManage function. This vulnerability allows attackers to cause a Denial of Service DoS via crafted overflow data...
CVE-2022-42060
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service DoS via crafted overflow data...
CVE-2022-42053
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a command injection vulnerability via the PortMappingServer parameter in the setPortMapping function...
CVE-2022-40844
In Tenda Shenzhen Tenda Technology Co., Ltd AC1200 Router model W15Ev2 V15.11.0.101576, a Stored Cross Site Scripting XSS issue exists allowing an attacker to execute JavaScript code via the applications website filtering tab, specifically the URL body...
CVE-2022-40846
In Tenda AC1200 Router model W15Ev2 V15.11.0.101576, a Stored Cross Site Scripting XSS vulnerability exists allowing an attacker to execute JavaScript code via the applications stored hostname...
CVE-2022-41395
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function...
CVE-2022-40845
The Tenda AC1200 Router model W15Ev2 V15.11.0.101576 is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not...
CVE-2022-40847
In Tenda AC1200 Router model W15Ev2 V15.11.0.101576, there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter...
CVE-2022-40843
The Tenda AC1200 V-W15Ev2 V15.11.0.101576 router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of...
CVE-2022-40843
The Tenda AC1200 V-W15Ev2 V15.11.0.101576 router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of...
Authorization
The Tenda AC1200 V-W15Ev2 V15.11.0.101576 router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of...
CVE-2022-40845
CVE-2022-40845 affects the Tenda AC1200 Router model W15Ev2 with firmware V15.11.0.10(1576). The vulnerability is a password exposure caused by improper authorization/improper session management, enabling an attacker with router access to view sensitive information not explicitly authorized. CVSS...
CVE-2022-41396
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters...
CVE-2022-40845
The Tenda AC1200 Router model W15Ev2 V15.11.0.101576 is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not...
CVE-2022-42058
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a stack overflow via the setRemoteWebManage function. This vulnerability allows attackers to cause a Denial of Service DoS via crafted overflow data...
CVE-2022-40844
CVE-2022-40844 affects the Tenda AC1200 Router, model W15Ev2, firmware version V15.11.0.10(1576). The root cause is a Stored Cross Site Scripting (XSS) vulnerability in the applications website filtering tab, exploitable via the URL body. The issue allows an attacker to execute JavaScript code in...
CVE-2022-40843
Affected product: Tenda AC1200 V-W15Ev2 (W15Ev2, firmware version V15.11.0.10(1576)). Vulnerability: Improper authorization/improper session management allows bypassing the router login page. This can lead to reading the router’s syslog.log file which contains the MD5 password of the Administrato...
CVE-2022-40843
The Tenda AC1200 V-W15Ev2 V15.11.0.101576 router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of...