Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

G3 Firmware Security Vulnerabilities - February

cve
cve

CVE-2021-27705

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.

9.8CVSS

9.5AI Score

0.007EPSS

2021-04-14 03:15 PM
24
4
cve
cve

CVE-2021-27706

Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without...

9.8CVSS

9.6AI Score

0.007EPSS

2021-04-14 03:15 PM
31
4
cve
cve

CVE-2021-27707

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without l...

9.8CVSS

9.6AI Score

0.007EPSS

2021-04-14 03:15 PM
25
4
cve
cve

CVE-2022-36584

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.

9.8CVSS

9.6AI Score

0.003EPSS

2022-09-06 05:15 PM
31
3
cve
cve

CVE-2022-36585

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.

9.8CVSS

9.6AI Score

0.003EPSS

2022-09-07 11:15 PM
37
4
cve
cve

CVE-2022-36586

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.

9.8CVSS

9.6AI Score

0.003EPSS

2022-09-08 12:15 AM
35
6
cve
cve

CVE-2022-36587

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.

9.8CVSS

9.6AI Score

0.003EPSS

2022-09-07 05:15 PM
31
4
cve
cve

CVE-2024-8224

A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack may be initiated remotely....

9.8CVSS

8.8AI Score

0.004EPSS

2024-08-27 11:15 PM
27
cve
cve

CVE-2024-8225

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The expl...

9.8CVSS

8.9AI Score

0.004EPSS

2024-08-27 11:15 PM
28