CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 2CVE-2023-45483
https://notcve.org/view.php?id=CVE-2023-45483
29 Nov 2023 — Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. Se descubrió que la versión Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn contenía un desbordamiento de pila a través del parámetro de tiempo en la función compare_parentcontrol_time. • https://github.com/l3m0nade/IOTvul/blob/master/assets/compare_parentcontrol_time_code.png • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 2CVE-2023-45484
https://notcve.org/view.php?id=CVE-2023-45484
29 Nov 2023 — Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. Se descubrió que la versión Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn contenía un desbordamiento de pila a través del parámetro shareSpeed en la función fromSetWifiGuestBasic. • https://github.com/l3m0nade/IOTvul/blob/master/assets/fromSetWifiGuestBasic_code.png • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-42320
https://notcve.org/view.php?id=CVE-2023-42320
18 Sep 2023 — Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. La vulnerabilidad de Desbordamiento de Búfer en Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 permite a un atacante remoto provocar una denegación de servicio a través del parámetro mac en la función GetParentControlInfo. • https://github.com/aixiao0621/Tenda/blob/main/AC10/0.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38931
https://notcve.org/view.php?id=CVE-2023-38931
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/cloudv2_setaccount/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 1CVE-2023-38935
https://notcve.org/view.php?id=CVE-2023-38935
07 Aug 2023 — Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetQosBand/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 1CVE-2023-38937
https://notcve.org/view.php?id=CVE-2023-38937
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetVirtualSer/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27012
https://notcve.org/view.php?id=CVE-2023-27012
07 Apr 2023 — Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC10/5/5.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27013
https://notcve.org/view.php?id=CVE-2023-27013
07 Apr 2023 — Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC10/2/2.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27014
https://notcve.org/view.php?id=CVE-2023-27014
07 Apr 2023 — Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC10/10/10.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27015
https://notcve.org/view.php?id=CVE-2023-27015
07 Apr 2023 — Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC10/4/4.md • CWE-787: Out-of-bounds Write •