Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).
9.8CVSS
9.8AI Score
0.005EPSS
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module.
7.5CVSS
7.5AI Score
0.001EPSS
Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to a...
7.5CVSS
7.6AI Score
0.001EPSS
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request.
8.8CVSS
8.8AI Score
0.027EPSS
Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set
7.5CVSS
7.7AI Score
0.001EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
7.5CVSS
7.8AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo.
7.5CVSS
7.7AI Score
0.001EPSS
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.
9.8CVSS
9.9AI Score
0.012EPSS
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
9.8CVSS
9.8AI Score
0.056EPSS
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
9.8CVSS
9.8AI Score
0.056EPSS
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
9.8CVSS
9.8AI Score
0.056EPSS
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
9.8CVSS
9.7AI Score
0.011EPSS
A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.
9.8CVSS
9.7AI Score
0.006EPSS
A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
7.5CVSS
7.4AI Score
0.001EPSS
A stack overflow vulnerability exists in /goform/WifiMacFilterGet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
7.5CVSS
7.4AI Score
0.001EPSS
A stack overflow vulnerability exists in /goform/setAutoPing in Tenda W6 V1.0.0.9(4122), which allows an attacker to construct ping1 parameters and ping2 parameters for a stack overflow attack. An attacker can use this vulnerability to execute arbitrary code execution.
9.8CVSS
9.8AI Score
0.003EPSS
A stack overflow vulnerability exists in /goform/wifiSSIDset in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
7.5CVSS
7.4AI Score
0.001EPSS
A stack overflow vulnerability exists in /goform/WifiMacFilterSet in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter.
7.5CVSS
7.4AI Score
0.001EPSS
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
9.8CVSS
9.7AI Score
0.056EPSS
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
8.8CVSS
8.8AI Score
0.001EPSS
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
8.8CVSS
8.8AI Score
0.001EPSS
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
7.2CVSS
7.1AI Score
0.001EPSS
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
7.2CVSS
7.1AI Score
0.001EPSS
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.
9.8CVSS
9.6AI Score
0.003EPSS
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.
9.8CVSS
9.6AI Score
0.003EPSS
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.
9.8CVSS
9.6AI Score
0.003EPSS
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
9.8CVSS
9.6AI Score
0.003EPSS
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.
5.5CVSS
5.6AI Score
0.001EPSS
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting.
9.8CVSS
9.7AI Score
0.002EPSS