Ax1803 Firmware Security Vulnerabilities and Issues — Ax1803 Firmware CVE List

Lucene search

TendaAx1803 Firmware

17 matches found

CVE•added 2022/05/02 1:15 p.m.•77 views

CVE-2022-28572

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in SetIPv6Status function

8.8CVSS9.3AI score0.0616EPSS

CVE•added 2022/05/11 6:15 p.m.•72 views

CVE-2022-30040

Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to a...

7.5CVSS7.6AI score0.00441EPSS

CVE•added 2022/07/06 5:15 p.m.•56 views

CVE-2022-34595

Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.

9.8CVSS9.8AI score0.18362EPSS

CVE•added 2022/10/27 9:15 p.m.•54 views

CVE-2022-40876

In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE).

9.8CVSS9.8AI score0.02195EPSS

CVE•added 2022/08/25 3:15 p.m.•53 views

CVE-2022-37820

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.

7.8CVSS7.8AI score0.00063EPSS

CVE•added 2022/07/06 5:15 p.m.•52 views

CVE-2022-34596

Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.

9.8CVSS9.8AI score0.18362EPSS

CVE•added 2022/08/25 3:15 p.m.•50 views

CVE-2022-37818

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.

7.8CVSS7.8AI score0.00063EPSS

CVE•added 2022/08/25 3:15 p.m.•48 views

CVE-2022-37822

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.

7.8CVSS7.8AI score0.00063EPSS

CVE•added 2022/08/25 3:15 p.m.•47 views

CVE-2022-37817

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind.

7.8CVSS7.8AI score0.00063EPSS

CVE•added 2022/10/12 7:15 p.m.•47 views

CVE-2022-42086

Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.

6.5CVSS6.5AI score0.00066EPSS

CVE•added 2022/10/12 7:15 p.m.•47 views

CVE-2022-42087

Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.

6.5CVSS6.5AI score0.00066EPSS

CVE•added 2022/10/27 6:15 p.m.•46 views

CVE-2022-40874

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request.

7.5CVSS7.6AI score0.00105EPSS

CVE•added 2022/08/25 3:15 p.m.•44 views

CVE-2022-37819

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.

7.8CVSS7.8AI score0.00063EPSS

CVE•added 2022/08/25 3:15 p.m.•42 views

CVE-2022-37821

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince.

7.8CVSS7.8AI score0.00063EPSS

CVE•added 2022/10/27 6:15 p.m.•41 views

CVE-2022-40875

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.

7.5CVSS7.7AI score0.00105EPSS

CVE•added 2022/08/25 3:15 p.m.•40 views

CVE-2022-37824

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic.

7.8CVSS7.8AI score0.00062EPSS

CVE•added 2022/08/25 3:15 p.m.•37 views

CVE-2022-37823

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer.

7.8CVSS7.8AI score0.00062EPSS