Lucene search

Ac23 Firmware Security Vulnerabilities

cve

CVE-2022-43101

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43102

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43103

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43104

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43105

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43106

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43107

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2022-43108

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.

9.8CVSS

9.7AI Score

0.002EPSS

2022-11-03 02:15 PM

cve

CVE-2023-0782

A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to ...

9.8CVSS

9.4AI Score

0.002EPSS

2023-02-11 06:15 PM

cve

CVE-2023-2649

A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated remotely. The exploi...

8.8CVSS

8.9AI Score

0.002EPSS

2023-05-11 08:15 AM

116

cve

CVE-2023-40797

In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.

8.8CVSS

8.8AI Score

0.001EPSS

2023-08-25 04:15 PM

cve

CVE-2023-40798

In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.

8.8CVSS

8.7AI Score

0.001EPSS

2023-08-25 04:15 PM

cve

CVE-2023-40799

Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.

9.8CVSS

9.3AI Score

0.002EPSS

2023-08-25 03:15 PM

cve

CVE-2023-40800

The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.

8.8CVSS

8.7AI Score

0.001EPSS

2023-08-25 03:15 PM

cve

CVE-2023-40802

The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn

6.5CVSS

6.6AI Score

0.001EPSS

2023-08-25 03:15 PM