CVSS: 7.8 • EPSS: 0% • CPEs: 3 • EXPL: 1

21 Nov 2019 — An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 POST parameters, resulting in code execution. An attacker can send an HTTP POST request containing a command to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0861 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 1

19 Sep 2019 — In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) • https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-16412.pdf • CWE-20: Improper Input Validation

CVSS: 5.4 • EPSS: 0% • CPEs: 2 • EXPL: 2

23 Dec 2018 — Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client. • https://www.vulnerability-lab.com/get_content.php?id=1990 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.8 • EPSS: 0% • CPEs: 10 • EXPL: 1

02 Sep 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overwrites the return address of the function, causing a buffer overflow. • https://github.com/ZIllR0/Routers/blob/master/Tenda/oob1.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.0 • EPSS: 2% • CPEs: 4 • EXPL: 1

02 Sep 2018 — An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection. • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-04/tenda.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS: 5.4 • EPSS: 0% • CPEs: 2 • EXPL: 2

03 Aug 2018 — Tenda D152 ADSL routers allow XSS via a crafted SSID. Tenda ADSL router D152 suffers from a cross-site scripting vulnerability. • https://www.exploit-db.com/exploits/45336 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 • EPSS: 0% • CPEs: 10 • EXPL: 1

21 Jul 2018 — Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. • https://github.com/ZIllR0/Routers/blob/master/Tendaoob1.md • CWE-787: Out-of-bounds Write

CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

20 Mar 2018 — A remote, unauthenticated attacker can gain remote code execution on the Tenda AC15 router with a specially crafted password parameter for the COOKIE header. • https://www.fidusinfosec.com/tenda-ac15-hard-coded-accounts-cve-2018-5768 • CWE-798: Use of Hard-coded Credentials

CVSS: 10.0 • EPSS: 2% • CPEs: 2 • EXPL: 1

20 Mar 2018 — An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be used to log in. • https://www.fidusinfosec.com/tenda-ac15-unauthenticated-telnetd-start-cve-2018-5770 • CWE-1188: Initialization of a Resource with an Insecure Default

CVSS: 9.8 • EPSS: 1% • CPEs: 2 • EXPL: 1

01 Mar 2018 — Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact. • https://github.com/VulDetailsPublication/Poc/tree/master/Tenda/AC9 • CWE-787: Out-of-bounds Write