CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30612
https://notcve.org/view.php?id=CVE-2024-30612
28 Mar 2024 — Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function. Tenda AC10U v15.03.06.48 tiene una vulnerabilidad de desbordamiento de la región stack de la memoria en el parámetro deviceId, limitSpeed, limitSpeedUp de la función formSetClientState. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetClientState.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0932 – Tenda AC10U setSmartPowerManagement stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0932
26 Jan 2024 — A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/setSmartPowerManagement.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0931 – Tenda AC10U saveParentControlInfo stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0931
26 Jan 2024 — A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/saveParentControlInfo_1.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0930 – Tenda AC10U fromSetWirelessRepeat stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0930
26 Jan 2024 — A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromSetWirelessRepeat.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0929 – Tenda AC10U fromNatStaticSetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0929
26 Jan 2024 — A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromNatStaticSetting.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0928 – Tenda AC10U fromDhcpListClient stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0928
26 Jan 2024 — A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromDhcpListClient_1.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0927 – Tenda AC10U fromAddressNat stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0927
26 Jan 2024 — A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromAddressNat_1.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0926 – Tenda AC10U formWifiWpsOOB stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0926
26 Jan 2024 — A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formWifiWpsOOB.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0925 – Tenda AC10U formSetVirtualSer stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0925
26 Jan 2024 — A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formSetVirtualSer.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0923 – Tenda AC10U formSetDeviceName stack-based overflow
https://notcve.org/view.php?id=CVE-2024-0923
26 Jan 2024 — A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formSetDeviceName.md • CWE-121: Stack-based Buffer Overflow •