CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-24543
https://notcve.org/view.php?id=CVE-2024-24543
Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. Vulnerabilidad de desbordamiento de búfer en la función setSchedWifi en Tenda AC9 v.3.0, versión de firmware v.15.03.06.42_multi permite a un atacante remoto provocar una denegación de servicio o ejecutar código arbitrario a través de datos de desbordamiento manipulados. • https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0130/setSchedWifi.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2023-38823
https://notcve.org/view.php?id=CVE-2023-38823
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. Vulnerabilidad de desbordamiento del búfer en Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 y v.1.0 permite a un atacante remoto ejecutar código arbitrario a través de la función formSetCfm en bin/httpd. • https://github.com/nhtri2003gmail/CVE_report/blob/master/CVE-2023-38823.md https://github.com/johnathanhuutri/CVE_report/blob/master/CVE-2023-38823/README.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-41553
https://notcve.org/view.php?id=CVE-2023-41553
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg. • https://github.com/peris-navince/founded-0-days/blob/main/fromSetRouteStatic/1.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-41552
https://notcve.org/view.php?id=CVE-2023-41552
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set. • https://github.com/peris-navince/founded-0-days/blob/main/form_fast_setting_wifi_set/1.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-41563
https://notcve.org/view.php?id=CVE-2023-41563
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo. • https://github.com/peris-navince/founded-0-days/blob/main/GetParentControlInfo/1.md • CWE-787: Out-of-bounds Write •