CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44557
https://notcve.org/view.php?id=CVE-2024-44557
26 Aug 2024 — Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. • https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-setIptvInfo-5aee8fa8b7754d319ee35027d3628f2e?pvs=4 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44558
https://notcve.org/view.php?id=CVE-2024-44558
26 Aug 2024 — Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. • https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-setIptvInfo-5aee8fa8b7754d319ee35027d3628f2e?pvs=4 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44563
https://notcve.org/view.php?id=CVE-2024-44563
26 Aug 2024 — Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. • https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-getIptvInfo-d15d44b770e24213a8dcb13a4812e3f4?pvs=4 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44565
https://notcve.org/view.php?id=CVE-2024-44565
26 Aug 2024 — Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set. • https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-form_fast_setting_internet_set-fe072267132d42be935ea4d7a53f7369?pvs=4 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44386
https://notcve.org/view.php?id=CVE-2024-44386
23 Aug 2024 — Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function fromSetIpBind. • https://github.com/GroundCTL2MajorTom/pocs/blob/main/tenda_FH1206_buffer_overflow2.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44387
https://notcve.org/view.php?id=CVE-2024-44387
23 Aug 2024 — Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the functino formWrlExtraGet. • https://github.com/GroundCTL2MajorTom/pocs/blob/main/tenda_FH1206_buffer_overflow1.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44390
https://notcve.org/view.php?id=CVE-2024-44390
23 Aug 2024 — Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlsafeset. • https://github.com/GroundCTL2MajorTom/pocs/blob/main/tenda_FH1206_buffer_overflow8.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-42634
https://notcve.org/view.php?id=CVE-2024-42634
16 Aug 2024 — A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15.03.06.42. As a result, attacker can execute OS commands with root privileges. • https://github.com/goldds96/Report/blob/main/Tenda/AC9/CI.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42940
https://notcve.org/view.php?id=CVE-2024-42940
15 Aug 2024 — Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1201/fromP2pListFilter.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42941
https://notcve.org/view.php?id=CVE-2024-42941
15 Aug 2024 — Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1201/fromAdvSetWan_pptpPPW.md • CWE-121: Stack-based Buffer Overflow •