Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TendaG3 Firmware

17 matches found

CVE
CVEadded 2022/09/07 11:15 p.m.54 views

CVE-2022-36585

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.

9.8CVSS9.6AI score0.00654EPSS
CVE
CVEadded 2022/09/06 5:15 p.m.51 views

CVE-2022-36584

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.

9.8CVSS9.6AI score0.00654EPSS
CVE
CVEadded 2024/04/25 12:15 p.m.48 views

CVE-2024-4165

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.17(9502). Affected is the function modifyDhcpRule of the file /goform/modifyDhcpRule. The manipulation of the argument bindDhcpIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. T...

9.8CVSS6.9AI score0.00444EPSS
Web
CVE
CVEadded 2022/09/08 12:15 a.m.46 views

CVE-2022-36586

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.

9.8CVSS9.6AI score0.00654EPSS
CVE
CVEadded 2022/09/07 5:15 p.m.46 views

CVE-2022-36587

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.

9.8CVSS9.6AI score0.00654EPSS
CVE
CVEadded 2024/08/27 11:15 p.m.44 views

CVE-2024-8225

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The expl...

9.8CVSS8.9AI score0.00458EPSS
Web
CVE
CVEadded 2024/04/25 11:15 a.m.43 views

CVE-2024-4164

A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.17(9502). This issue affects the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac. The manipulation of the argument pppoeServerWhiteMacIndex leads to stack-based buffer overflow. The at...

9.8CVSS6.9AI score0.00537EPSS
Web
CVE
CVEadded 2021/04/14 3:15 p.m.40 views

CVE-2021-27706

Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without...

9.8CVSS9.6AI score0.03106EPSS
CVE
CVEadded 2021/04/14 3:15 p.m.39 views

CVE-2021-27707

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without l...

9.8CVSS9.6AI score0.03106EPSS
CVE
CVEadded 2024/10/17 5:15 p.m.37 views

CVE-2024-48192

Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root

8CVSS7.5AI score0.00075EPSS
CVE
CVEadded 2021/04/14 3:15 p.m.36 views

CVE-2021-27705

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.

9.8CVSS9.5AI score0.03106EPSS
CVE
CVEadded 2025/09/09 5:16 p.m.5 views

CVE-2025-57057

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.1AI score0.00051EPSS
CVE
CVEadded 2025/09/09 5:16 p.m.5 views

CVE-2025-57059

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.1AI score0.00051EPSS
CVE
CVEadded 2025/09/09 5:16 p.m.5 views

CVE-2025-57063

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.1AI score0.00051EPSS
CVE
CVEadded 2025/09/09 5:16 p.m.5 views

CVE-2025-57064

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.1AI score0.00051EPSS
CVE
CVEadded 2025/09/09 5:16 p.m.4 views

CVE-2025-57058

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS6.8AI score0.00051EPSS
CVE
CVEadded 2025/09/09 5:16 p.m.4 views

CVE-2025-57061

Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS6.8AI score0.00051EPSS