W15e Firmware Security Vulnerabilities and Issues — W15e Firmware CVE List

Lucene search

TendaW15e Firmware

10 matches found

CVE•added 2023/03/13 2:15 p.m.•87 views

CVE-2023-27064

Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.6AI score0.00161EPSS

CVE•added 2022/11/15 3:15 a.m.•49 views

CVE-2022-42053

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the PortMappingServer parameter in the setPortMapping function.

7.8CVSS7.8AI score0.00333EPSS

CVE•added 2022/11/15 2:15 a.m.•48 views

CVE-2022-40847

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.

7.8CVSS7.8AI score0.00306EPSS

CVE•added 2022/11/15 3:15 a.m.•47 views

CVE-2022-42060

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

7.5CVSS7.5AI score0.00183EPSS

CVE•added 2022/11/15 3:15 a.m.•46 views

CVE-2022-41395

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the dmzHost parameter in the setDMZ function.

7.8CVSS7.8AI score0.00306EPSS

CVE•added 2017/09/17 10:29 p.m.•44 views

CVE-2017-14514

Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL.

7.5CVSS7.3AI score0.00407EPSS

CVE•added 2022/11/15 3:15 a.m.•41 views

CVE-2022-41396

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters.

7.8CVSS8.1AI score0.00306EPSS

CVE•added 2017/09/17 10:29 p.m.•37 views

CVE-2017-14515

Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors.

7.5CVSS7.4AI score0.00653EPSS

CVE•added 2023/03/13 2:15 p.m.•36 views

CVE-2023-27062

Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.6AI score0.00161EPSS

CVE•added 2023/03/13 2:15 p.m.•33 views

CVE-2023-27065

Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5CVSS7.6AI score0.00161EPSS